What the vulnerability does
01Description
Stored XSS via File Upload in GitHub repository star7th/showdoc prior to v.2.10.4.
CVE-2022-0956
HIGH
CVE-2022-0956: Stored XSS via File Upload in star7th/showdoc
CVSS base score
7.1/10
CVSS vector
CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:L
Key dates
02Disclosure timeline
March 15, 2022
CVE published
August 2, 2024
Record updated
External resources
03References
Related vulnerabilities
04Related CVE
CVE-2024-7733 FastCMS New Article Category Page cross site scripting
CVE-2023-6452
CVE-2026-0913 User Submitted Posts <= 20260110 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'usp_access' Shortcode
CVE-2025-10027 itsourcecode POS Point of Sale System 2512.php cross site scripting
CVE-2022-4731 myapnea Title cross site scripting
