Lucene search
Veracode Vulnerability DatabaseVERACODE:34789HistoryMar 22, 2022 - 8:34 a.m.
Cross-site Scripting (XSS)
2022-03-2208:34:11
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
8
showdoc
cross-site scripting
stored
validation
ofd files
vulnerability
javascript
EPSS
0.001
Percentile
45.7%
showdoc/showdoc is vulnerable to stored cross-site scripting. The vulnerability exists due to lack of xss validations for uploaded OFD files before they get stored which allows an attacker to inject and execute arbitrary javascript.
Related
cve
cve
CVE-2022-0967
2022-03-15 16:15:09
packetstorm
packetstorm
Showdoc 2.10.3 Cross Site Scripting
2022-05-17 00:00:00
cnvd
cnvd
showdoc .ofd file upload vulnerability
2022-03-17 00:00:00
huntr
huntr
Stored XSS via File Upload in star7th/showdoc in star7th/showdoc
2022-03-14 14:39:26
zdt
zdt
Showdoc 2.10.3 - Stored Cross-Site Scripting Vulnerability
2022-05-17 00:00:00
github
github
Stored Cross-site Scripting in showdoc
2022-03-16 00:00:46
osv
osv
Stored Cross-site Scripting in showdoc
2022-03-16 00:00:46
CVE-2022-0967
2022-03-15 16:15:09
prion
prion
Cross site scripting
2022-03-15 16:15:00
cvelist
cvelist
nvd
nvd
CVE-2022-0967
2022-03-15 16:15:09
exploitdb
exploitdb
Showdoc 2.10.3 - Stored Cross-Site Scripting (XSS)
2022-05-17 00:00:00