CVE-2022-0938
ShowDoc (star7th/showdoc) is affected by CVE-2022-0938: a stored XSS via the file upload feature in versions prior to 2.10.4. The issue stems from insufficient filtering of .xxhtml file uploads, enabling an attacker to upload malicious files and execute scripts in a user’s browser. Public referen...