0.001 Low
EPSS
Percentile
21.6%
ShowDoc is vulnerable to stored cross-site scripting via viva cshtm file upload in in versions 2.10.3 and prior. A patch is available and anticipated to be part of version 2.10.4.
github.com/star7th/showdoc
github.com/star7th/showdoc/commit/e5d575928b1371a7e07b09b6592822298335062a
huntr.dev/bounties/1f8f0021-396e-428e-9748-dd4e359715e1
nvd.nist.gov/vuln/detail/CVE-2022-0946