Showdoc 2.10.3 - Stored Cross-Site Scripting (XSS)

Exploit Title: Showdoc 2.10.3 - Stored Cross-Site Scripting XSS Exploit Author: Akshay Ravi Vendor Homepage: https://github.com/star7th/showdoc Software Link: https://github.com/star7th/showdoc/releases/tag/v2.10.3 Version: alert1" 2. Login to showdoc v2.10.2 and go to file library Endpoint =...

CVE-2021-45473

A flaw was found in mediawiki through version 1.37. Wikibase item descriptions allow cross-site scripting attacks XSS, which is triggered upon a visit to an action=info URL aka a page-information sidebar...