4 matches found
EUVD-2022-1585
Malicious code in bioql PyPI...
GHSA-XM3X-787M-P66R Cross-site Scripting in ShowDoc
ShowDoc prior to 2.10.4 is vulnerable to stored cross-site scripting via .webmv file upload...
CVE-2022-0964
CVE-2022-0964 describes a stored XSS in ShowDoc prior to version 2.10.4, triggered by uploading a .webmv file. The root cause stems from insufficient detection of .webmv extensions in the file upload feature, enabling an attacker to upload content that could execute scripts in a user’s browser an...
CVE-2022-0964 Stored XSS viva .webmv file upload in star7th/showdoc
Stored XSS viva .webmv file upload in GitHub repository star7th/showdoc prior to 2.10.4...