CVE-2022-0880

Name of the Vulnerable Software and Affected Versions ShowDoc versions prior to 2.10.2 ShowDoc version 2.10.3 and prior

Description The issue is related to stored Cross-site Scripting (XSS) in the GitHub repository star7th/showdoc. This type of attack occurs when an application stores user input that contains malicious scripts, which are then executed by the application, allowing an attacker to perform unauthorized actions.

Recommendations For ShowDoc versions prior to 2.10.2, update to version 2.10.2 or later. For ShowDoc version 2.10.3 and prior, a patch is available and anticipated to be part of version 2.10.4, so update to version 2.10.4 when available. As a temporary workaround, consider restricting user input to minimize the risk of exploitation.