4 matches found
Showdoc 2.10.3 Cross Site Scripting
Exploit Title: Showdoc 2.10.3 - Stored Cross-Site Scripting XSS Exploit Author: Akshay Ravi Vendor Homepage: https://github.com/star7th/showdoc Software Link: https://github.com/star7th/showdoc/releases/tag/v2.10.3 Version: alert1" 2. Login to showdoc v2.10.2 and go to file library Endpoint =...
Showdoc 2.10.3 - Stored Cross-Site Scripting Vulnerability
Exploit Title: Showdoc 2.10.3 - Stored Cross-Site Scripting XSS Exploit Author: Akshay Ravi Vendor Homepage: https://github.com/star7th/showdoc Software Link: https://github.com/star7th/showdoc/releases/tag/v2.10.3 Version: alert1" 2. Login to showdoc v2.10.2 and go to file library Endpoint =...
Showdoc 2.10.3 - Stored Cross-Site Scripting (XSS)
Exploit Title: Showdoc 2.10.3 - Stored Cross-Site Scripting XSS Exploit Author: Akshay Ravi Vendor Homepage: https://github.com/star7th/showdoc Software Link: https://github.com/star7th/showdoc/releases/tag/v2.10.3 Version: alert1" 2. Login to showdoc v2.10.2 and go to file library Endpoint =...
CVE-2022-0967
The CVE-2022-0967 case refers to ShowDoc (star7th/showdoc). It describes a Stored XSS risk via the file-upload feature in the File Library when uploading .ofd files, affecting versions prior to 2.10.4. The underlying issue is inadequate validation/detection of .ofd uploads, allowing injection tha...