3 matches found
ALPINE-CVE-2023-29469
An issue was discovered in libxml2 before 2.10.4. When hashing empty dict strings in a crafted XML document, xmlDictComputeFastKey in dict.c can produce non-deterministic values, leading to various logic and memory errors, such as a double free. This behavior occurs because there is an attempt to...
showdoc 跨站脚本漏洞
showdoc is open source and a great tool for IT teams to share documents online. showdoc versions prior to 2.10.4 have a security vulnerability that stems from the application allowing the upload of .ofd files, which leads to a cross-site scripting vulnerability. No detailed vulnerability details...
showdoc 跨站脚本漏洞
showdoc is an open source tool ideal for IT teams to share documents online. showdoc versions prior to v2.10.4 contain a file upload vulnerability that stems from the lack of effective detection of .xsl file extensions in the application's file upload feature. An attacker could exploit this...