0.001 Low
EPSS
Percentile
21.6%
The upload feature of ShowDoc prior to version 2.10.4 allows files with the extension .*html, which leads to stored cross-site scripting.
.*html
github.com/star7th/showdoc
github.com/star7th/showdoc/commit/237ac6d43bf3728bf3587c486a23b4a48ea7acb3
huntr.dev/bounties/acc23996-bd57-448f-9eb4-05a8a046c2dc
nvd.nist.gov/vuln/detail/CVE-2022-0950