5 matches found
CVE-2022-0956
Stored XSS via File Upload in GitHub repository star7th/showdoc prior to v.2.10.4...
CVE-2022-0956
creationtimestamp| type| source ---|---|--- 2022-03-15 15:19:19+00:00| seen| https://t.me/cibsecurity/38919...
CVE-2022-0956
Stored XSS via File Upload in GitHub repository star7th/showdoc prior to v.2.10.4...
CVE-2022-0956 Stored XSS via File Upload in star7th/showdoc
Stored XSS via File Upload in GitHub repository star7th/showdoc prior to v.2.10.4...
CVE-2022-0956
CVE-2022-0956 affects ShowDoc. It is a stored XSS via file upload in showdoc prior to v2.10.4 (GitHub star7th/showdoc). The root cause is inadequate file-upload validation (notably to block .md extension), allowing malicious scripts to be uploaded and executed in the user's browser. Impact is use...