3 matches found
CVE-2022-0880
Cross-site Scripting XSS - Stored in GitHub repository star7th/showdoc prior to 2.10.2...
CVE-2022-0880 Cross-site Scripting (XSS) - Stored in star7th/showdoc
Cross-site Scripting XSS - Stored in GitHub repository star7th/showdoc prior to 2.10.2...
CVE-2022-0880
CVE-2022-0880 affects ShowDoc (star7th/showdoc) up to version 2.10.2, with stored XSS via attachments in the File Library (notably XML uploads) as reported by multiple sources. The vulnerability arises from stored XSS in the web interface when handling uploaded attachments, leading to script exec...