CVE-2024-36676

Incorrect access control in BookStack before v24.05.1 allows attackers to confirm existing system users and perform targeted notification email DoS via public facing forms. > MITRE Terms of Use apply – see LICENSE‑MITRE.txt