3 matches found
CVE-2022-0957
Stored XSS via File Upload in GitHub repository star7th/showdoc prior to 2.10.4...
CVE-2022-0957
Stored XSS via File Upload in GitHub repository star7th/showdoc prior to 2.10.4...
CVE-2022-0957
ShowDoc (GitHub: star7th/showdoc) before 2.10.4 is affected by a Stored XSS via file upload. The root cause cited across sources is insufficient validation/detection of certain file extensions (notably .m3u8a) in the file upload feature, enabling attackers to upload malicious content that can exe...