0.001 Low
EPSS
Percentile
21.6%
ShowDoc prior to 2.10.4 is vulnerable to stored cross-site scripting via uploading files with files in .xsd, .asa, and .aspx formats.
.xsd
.asa
.aspx
github.com/star7th/showdoc
github.com/star7th/showdoc/commit/3caa32334db0c277b84e993eaca2036f5d1dbef8
huntr.dev/bounties/a412707c-18da-4c84-adc0-9801ed8068c9
nvd.nist.gov/vuln/detail/CVE-2022-0942