BookStack is an open source set of BookStackApp (Bookstackapp) team’s platform for building wiki documents using PHP and Laravel. bookstackapp suffers from a security vulnerability that stems from an improper restriction on the pathname of restricted directories in bookstack. An attacker could exploit the vulnerability to obtain sensitive information.