Showdoc 2.10.3 - Stored Cross-Site Scripting (XSS)

vendor:

Showdoc

by:

Akshay Ravi

5.4

CVSS

MEDIUM

Stored Cross-Site Scripting (XSS)

CWE

Product Name: Showdoc

Affected Version From: <= 2.10.3

Affected Version To: <= 2.10.3

Patch Exists: YES

Related CWE: CVE-2022-0967

CPE: 2.10.2003

Metasploit:

Other Scripts:

Platforms Tested: macOS Monterey

2022

Showdoc 2.10.3 – Stored Cross-Site Scripting (XSS)

Stored XSS via uploading file in .ofd format. Create a file with .ofd extension and add XSS Payload inside the file. Login to showdoc v2.10.2 and go to file library. Upload the payload on file library and click on the check button. The XSS payload will executed once we visited the URL.

Mitigation:

Ensure that user input is properly sanitized and validated before being used in the application.

Source

Exploit-DB raw data:

# Exploit Title: Showdoc 2.10.3 - Stored Cross-Site Scripting (XSS)
# Exploit Author: Akshay Ravi
# Vendor Homepage: https://github.com/star7th/showdoc
# Software Link: https://github.com/star7th/showdoc/releases/tag/v2.10.3
# Version: <= 2.10.3
# Tested on: macOS Monterey
# CVE : CVE-2022-0967

Description: Stored XSS via uploading file in .ofd format

1. Create a file with .ofd extension and add XSS Payload inside the file
	
	filename = "payload.ofd"
	payload = "<script>alert(1)</script>"

2. Login to showdoc v2.10.2 and go to file library
	
	Endpoint = "https://www.site.com/attachment/index"

3. Upload the payload on file library and click on the check button
4. The XSS payload will executed once we visited the URL