SB2022031716 - Multiple vulnerabilities in ShowDoc
Published: March 17, 2022 Updated: March 17, 2022
Description
This security bulletin contains information about 7 security vulnerabilities.
1) Stored cross-site scripting (CVE-ID: CVE-2022-0960)
The disclosed vulnerability allows a remote attacker to perform cross-site scripting (XSS) attacks.
The vulnerability exists due to insufficient sanitization of user-supplied data within the .properties file. A remote user can inject and execute arbitrary HTML and script code in the user's browser in the context of the vulnerable website.
Successful exploitation of this vulnerability may allow a remote attacker to steal potentially sensitive information, change the appearance of the web page, and perform phishing and drive-by-download attacks.
2) Stored cross-site scripting (CVE-ID: CVE-2022-0956)
The disclosed vulnerability allows a remote attacker to perform cross-site scripting (XSS) attacks.
The vulnerability exists due to insufficient sanitization of user-supplied data in the File Library page. A remote attacker can inject and execute arbitrary HTML and script code in the user's browser in the context of the vulnerable website.
Successful exploitation of this vulnerability may allow a remote attacker to steal potentially sensitive information, change the appearance of the web page, and perform phishing and drive-by-download attacks.
3) Cross-site scripting (CVE-ID: CVE-2022-0957)
The disclosed vulnerability allows a remote attacker to perform cross-site scripting (XSS) attacks.
The vulnerability exists due to insufficient sanitization of user-supplied data within the .m3u8a file. A remote attacker can inject and execute arbitrary HTML and script code in the user's browser in the context of the vulnerable website.
Successful exploitation of this vulnerability may allow a remote attacker to steal potentially sensitive information, change the appearance of the web page, and perform phishing and drive-by-download attacks.
4) Stored cross-site scripting (CVE-ID: CVE-2022-0965)
The disclosed vulnerability allows a remote attacker to perform cross-site scripting (XSS) attacks.
The vulnerability exists due to insufficient sanitization of user-supplied data within the .ofd file upload. A remote user can inject and execute arbitrary HTML and script code in the user's browser in the context of the vulnerable website.
Successful exploitation of this vulnerability may allow a remote attacker to steal potentially sensitive information, change the appearance of the web page, and perform phishing and drive-by-download attacks.
5) Stored cross-site scripting (CVE-ID: CVE-2022-0964)
The disclosed vulnerability allows a remote attacker to perform cross-site scripting (XSS) attacks.
The vulnerability exists due to insufficient sanitization of user-supplied data within the .webmv file upload. A remote user can inject and execute arbitrary HTML and script code in the user's browser in the context of the vulnerable website.
Successful exploitation of this vulnerability may allow a remote attacker to steal potentially sensitive information, change the appearance of the web page, and perform phishing and drive-by-download attacks.
6) Stored cross-site scripting (CVE-ID: CVE-2022-0966)
The disclosed vulnerability allows a remote attacker to perform cross-site scripting (XSS) attacks.
The vulnerability exists due to insufficient sanitization of user-supplied data in the File Library page. A remote user can inject and execute arbitrary HTML and script code in the user's browser in the context of the vulnerable website.
Successful exploitation of this vulnerability may allow a remote attacker to steal potentially sensitive information, change the appearance of the web page, and perform phishing and drive-by-download attacks.
7) Stored cross-site scripting (CVE-ID: CVE-2022-0967)
The disclosed vulnerability allows a remote attacker to perform cross-site scripting (XSS) attacks.
The vulnerability exists due to insufficient sanitization of user-supplied data in the File Library page. A remote user can inject and execute arbitrary HTML and script code in the user's browser in the context of the vulnerable website.
Successful exploitation of this vulnerability may allow a remote attacker to steal potentially sensitive information, change the appearance of the web page, and perform phishing and drive-by-download attacks.
Remediation
Install the update from the vendor's website.
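Installing the update does not by itself show whether files with the extensions named in this bulletin were already uploaded. The triage script below is an added example, not part of the bulletin or of ShowDoc's code: it walks an upload directory and flags files with those extensions that contain active HTML markup. The directory to scan, the function names, and the markup patterns are assumptions, and the sample files are constructed.

```python
import re
import tempfile
from pathlib import Path

# Extensions named in this bulletin (CVE-2022-0960, -0957, -0965, -0964).
BULLETIN_EXTENSIONS = {".properties", ".m3u8a", ".ofd", ".webmv"}

# Markup a browser would act on if the file were rendered as HTML.
# These patterns are an assumption chosen for triage, not an exhaustive list.
ACTIVE_MARKUP = re.compile(
    rb"<\s*(?:script|iframe|object|embed|svg|img)\b"  # elements that load or run content
    rb"|<[a-z][^>]*\son[a-z]+\s*=",                    # inline event handler inside a tag
    re.IGNORECASE,
)

def scan_uploads(root, max_bytes=1_000_000):
    """Return sorted (relative_path, matched_token) pairs for flagged uploads."""
    root = Path(root)
    findings = []
    for path in root.rglob("*"):
        if not path.is_file() or path.suffix.lower() not in BULLETIN_EXTENSIONS:
            continue
        with path.open("rb") as fh:
            head = fh.read(max_bytes)  # bound memory use on large media files
        match = ACTIVE_MARKUP.search(head)
        if match:
            rel = path.relative_to(root).as_posix()
            findings.append((rel, match.group(0).decode("latin-1")))
    return sorted(findings)

def demo():
    """Scan a constructed upload tree (sample data, not real ShowDoc files)."""
    samples = {
        "2022/app.properties": b"onlineMode=true\nurl=http://example.test\n",
        "2022/doc.ofd": b"<script>alert(1)</script>",
        "2022/clip.WEBMV": b"<div onmouseover=alert(1)>x</div>",
        "2022/notes.txt": b"<script>alert(1)</script>",  # extension not in bulletin
    }
    with tempfile.TemporaryDirectory() as tmp:
        for rel, data in samples.items():
            target = Path(tmp, rel)
            target.parent.mkdir(parents=True, exist_ok=True)
            target.write_bytes(data)
        return scan_uploads(tmp)

if __name__ == "__main__":
    for rel, token in demo():
        print(f"review: {rel} (matched {token!r})")
```

A flagged file is a candidate for manual review, not proof of exploitation; the plain key=value `.properties` sample is deliberately left unflagged.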
References
- https://huntr.dev/bounties/462cd8a7-b1a9-4e93-af71-b56ba1d7ad4e
- https://github.com/star7th/showdoc/commit/92bc6a83a3a60e01a0d2effb98ab47d8d7eab28f
- https://github.com/star7th/showdoc/commit/56e450c3adf75c707500d7231a78c9fc894c7f13
- https://huntr.dev/bounties/5b0e3f02-309f-4b59-8020-d7ac0f1999f2
- https://huntr.dev/bounties/b4918d45-b635-40db-bb4b-34035e1aca21
- https://github.com/star7th/showdoc/commit/d1c9ed0d77ea5d56f09be0c492361dca8af745bb
- https://github.com/star7th/showdoc/commit/3caa32334db0c277b84e993eaca2036f5d1dbef8
- https://huntr.dev/bounties/d66c88ce-63e2-4515-a429-8e43a42aa347
- https://huntr.dev/bounties/dbe39998-8eb7-46ea-997f-7b27f6f16ea0
- https://huntr.dev/bounties/e06c0d55-00a3-4f82-a009-0310b2e402fe
- https://huntr.dev/bounties/9dea3c98-7609-480d-902d-149067bd1e2a