4 matches found
CVE-2022-0960
Stored XSS viva .properties file upload in GitHub repository star7th/showdoc prior to 2.10.4...
CVE-2022-0960
The CVE covers ShowDoc (open source) prior to version 2.10.4, where the file upload feature allows .properties files to be uploaded, enabling stored XSS in users’ browsers. The root cause is inadequate filtering/detection of .properties uploads in the file upload mechanism. Impact is stored XSS l...
CVE-2022-0960 Stored XSS viva .properties file upload in star7th/showdoc
Stored XSS viva .properties file upload in GitHub repository star7th/showdoc prior to 2.10.4...
CVE-2022-0960 Stored XSS viva .properties file upload in star7th/showdoc
Stored XSS viva .properties file upload in GitHub repository star7th/showdoc prior to 2.10.4...