Cross-site Scripting in ShowDoc

🗓️ 15 Mar 2022 00:03:01Reported by GitHub Advisory DatabaseType

ShowDoc vulnerable to stored cross-site scripting in versions 2.10.3 and below, patch expected in 2.10.

Reporter	Title	Published	Views	Family All 9
OSV	CVE-2022-0941	14 Mar 202213:15	–	osv
OSV	Cross-site Scripting in ShowDoc	15 Mar 202200:01	–	osv
Prion	Unrestricted file upload	14 Mar 202213:15	–	prion
RedhatCVE	CVE-2022-0941	5 Feb 202519:20	–	redhatcve
NVD	CVE-2022-0941	14 Mar 202213:15	–	nvd
CNVD	showdoc .xsl file upload vulnerability	16 Mar 202200:00	–	cnvd
Huntr	Stored XSS due to Unrestricted File Upload	13 Mar 202211:59	–	huntr
CVE	CVE-2022-0941	14 Mar 202213:15	–	cve
Cvelist	CVE-2022-0941 Stored XSS due to Unrestricted File Upload in star7th/showdoc	14 Mar 202212:25	–	cvelist

Vulners

Node

showdoc showdocRange≤2.10.3

Source	Link
nvd	www.nvd.nist.gov/vuln/detail/CVE-2022-0941
github	www.github.com/star7th/showdoc/commit/4b6e6603c714aab1de346c5f5cb0bbb4c871be1f
huntr	www.huntr.dev/bounties/040a910e-e689-4fcb-9e4f-95206515d1bc
github	www.github.com/advisories/GHSA-wg4r-q74r-p7c8

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

15 Mar 2022 00:01Current

3.1Low risk

Vulners AI Score3.1

CVSS23.5

CVSS35.4 - 7.3

EPSS0.00054

CWE-79