Lucene search
Akshayravic09yc479DEA3C98-7609-480D-902D-149067BD1E2AHistoryMar 14, 2022 - 2:39 p.m.
Stored XSS via File Upload in star7th/showdoc in star7th/showdoc
2022-03-1414:39:26
akshayravic09yc47
www.huntr.dev
12
0.001 Low
EPSS
Percentile
44.8%
Description
Stored XSS via uploading file in .ofd format.
Proof of Concept
filename="test.ofd"
<script>alert(1)</script>
Steps to Reproduce
- Login into showdoc.com.cn.
- Navigate to file library (https://www.showdoc.com.cn/attachment/index)
- In the File Library page, click the Upload button and choose the test.ofd file.
- After uploading the file, click on the check button to open that file in a new tab.
- XSS will trigger when the attachment is opened in a new tab.
POC url:
https://img.showdoc.cc/622f5237a4612_622f5237a4609.ofd?e=1647272323&token=-YdeH6WvESHZKz-yUzWjO-uVV6A7oVrCN3UXi48F:0OnGqbEWkwJaFbR43A347gUCOMc=
Impact:
An attacker can perform social engineering on users by redirecting them from a real website to a fake one. a hacker can steal their cookies etc.
Related
osv
osv
Stored Cross-site Scripting in showdoc
2022-03-16 00:00:46
CVE-2022-0967
2022-03-15 16:15:09
prion
prion
Cross site scripting
2022-03-15 16:15:00
cvelist
cvelist
nvd
nvd
CVE-2022-0967
2022-03-15 16:15:09
veracode
veracode
Cross-site Scripting (XSS)
2022-03-22 08:34:11
packetstorm
packetstorm
Showdoc 2.10.3 Cross Site Scripting
2022-05-17 00:00:00
cnvd
cnvd
showdoc .ofd file upload vulnerability
2022-03-17 00:00:00
cve
cve
CVE-2022-0967
2022-03-15 16:15:09
github
github
Stored Cross-site Scripting in showdoc
2022-03-16 00:00:46
zdt
zdt
Showdoc 2.10.3 - Stored Cross-Site Scripting Vulnerability
2022-05-17 00:00:00
exploitdb
exploitdb
Showdoc 2.10.3 - Stored Cross-Site Scripting (XSS)
2022-05-17 00:00:00