BookStack

Vulnerability: zip slip
Severity: 7.1
Language: Go
Registry: other

✍️ Description

BookStack: this package is vulnerable to zip slip.

🕵️‍♂️ Proof of Concept

Download and run the latest release from https://github.com/TruthHun/BookStack, or use the demo at https://www.bookstack.cn/

Here is a PoC: https://we.tl/t-2Vppq98bUj

💥 Impact

Arbitrary file overwrite