Stored XSS via File Upload in GitHub repository star7th/showdoc prior to v.2.10.4.
References
Link | Resource |
---|---|
https://github.com/star7th/showdoc/commit/56e450c3adf75c707500d7231a78c9fc894c7f13 | Patch Third Party Advisory |
https://huntr.dev/bounties/5b0e3f02-309f-4b59-8020-d7ac0f1999f2 | Exploit Third Party Advisory |
Configurations
Information
Published : 2022-03-15 06:15
Updated : 2022-03-22 11:46
NVD link : CVE-2022-0956
Mitre link : CVE-2022-0956
JSON object : View
CWE
CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Products Affected
showdoc
- showdoc