
CVE-2022-0967: Stored Cross-site Scripting in showdoc

CVSS Score
6.9 (CVSS v3.0)

Basic Information

EPSS Score
0.73596%
Published
3/16/2022
Updated
1/27/2023
KEV Status
No
Technology
PHP

Technical Details

CVSS Vector
CVSS:3.0/AV:P/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H
Package Name
showdoc/showdoc
Ecosystem
composer
Vulnerable Versions
< 2.10.4
First Patched Version
2.10.4

Vulnerability Intelligence

Miggo AI Root Cause Analysis

The vulnerability stems from .ofd being present in the upload allow-list checked by isAllowedFilename, so upload() accepted and stored .ofd files without any further inspection. The patch removed .ofd from that allow-list and added stricter validation. Both functions contributed directly: isAllowedFilename by permitting the dangerous extension, and upload() by processing the file with no additional safeguards.
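As an added illustration, not showdoc's code and not the patch the page describes, the PHP below models the two states the root cause analysis contrasts: an extension allow-list that still contains ofd beside one that drops it, an upload gate that judges the final lower-cased extension only, an optional body check standing in for the "stricter validation" the page mentions, and the response headers that keep any stored upload from being rendered as a page of the application's origin. Every function and constant name is hypothetical, the allow-list contents are invented for the demo, and the premise that an .ofd upload is dangerous because a browser may interpret its body as HTML is an assumption of this example rather than a statement from the page.

```php
<?php
// Added example, not showdoc's code. Names (isAllowedFilenameExample,
// rejectMarkupPayload, uploadGate, attachmentHeaders) and list contents
// are hypothetical.

// Allow-list before and after the fix the page describes: the only
// difference is that 'ofd' is gone. Everything not listed is refused.
const ALLOWED_EXTENSIONS_VULNERABLE = ['jpg', 'jpeg', 'png', 'gif', 'pdf', 'txt', 'zip', 'ofd'];
const ALLOWED_EXTENSIONS_FIXED      = ['jpg', 'jpeg', 'png', 'gif', 'pdf', 'txt', 'zip'];

// Judge the filename by its final extension only, lower-cased, so
// "x.OFD" and "x.png.ofd" are both judged by "ofd" and an extensionless
// name is refused outright.
function isAllowedFilenameExample(string $filename, array $allowList): bool
{
    $ext = strtolower(pathinfo($filename, PATHINFO_EXTENSION));
    return $ext !== '' && in_array($ext, $allowList, true);
}

// Body check (assumption: one reasonable form of "stricter validation").
// A stored-XSS payload must be something a browser will render, so refuse
// bodies that begin with markup whatever the extension claims. This also
// refuses legitimate XML/SVG, a deliberate trade-off for a document store.
function rejectMarkupPayload(string $head): bool
{
    $trimmed = ltrim($head, " \t\r\n\xEF\xBB\xBF"); // whitespace and UTF-8 BOM bytes
    return $trimmed !== '' && $trimmed[0] === '<';
}

// Upload gate: null on acceptance, otherwise the reason for refusal.
// $head is the first few hundred bytes of the uploaded body.
function uploadGate(string $filename, string $head, array $allowList, bool $inspectBody): ?string
{
    if (!isAllowedFilenameExample($filename, $allowList)) {
        return 'extension not allowed';
    }
    if ($inspectBody && rejectMarkupPayload($head)) {
        return 'body looks like markup';
    }
    return null;
}

// Defence in depth when serving any stored upload: fixed MIME type, no
// sniffing, download rather than inline rendering, and a sandboxing CSP so
// even a mis-typed file cannot run script in the application's origin.
function attachmentHeaders(string $storedName, string $mime): array
{
    $safeName = preg_replace('/[^A-Za-z0-9._-]/', '_', $storedName);
    return [
        'Content-Type'            => $mime,
        'X-Content-Type-Options'  => 'nosniff',
        'Content-Disposition'     => 'attachment; filename="' . $safeName . '"',
        'Content-Security-Policy' => "default-src 'none'; sandbox",
    ];
}

// Constructed sample: an HTML body carrying an .ofd name.
$payload = "<html><script>alert(document.cookie)</script></html>";

// Pre-fix behaviour: 'ofd' is on the list and nothing else is checked.
echo 'before fix: ', uploadGate('spec.ofd', $payload, ALLOWED_EXTENSIONS_VULNERABLE, false) ?? 'accepted', PHP_EOL;
// Post-fix behaviour: refused by the list alone.
echo 'after fix:  ', uploadGate('spec.ofd', $payload, ALLOWED_EXTENSIONS_FIXED, true) ?? 'accepted', PHP_EOL;
// Same payload under an allowed extension: refused by the body check.
echo 'renamed:    ', uploadGate('spec.txt', $payload, ALLOWED_EXTENSIONS_FIXED, true) ?? 'accepted', PHP_EOL;

foreach (attachmentHeaders('spec.txt', 'text/plain') as $k => $v) {
    echo $k, ': ', $v, PHP_EOL;
}
```

The two layers are independent on purpose: the allow-list decides what is stored, while attachmentHeaders decides how anything already stored reaches a browser, so a future allow-list mistake of the .ofd kind does not become a stored XSS on its own.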


WAF Protection Rules

WAF Rule

Showdoc is a tool for an IT team to share documents online. showdoc contains a stored cross-site scripting vulnerability in the File Library page when uploading a file in .ofd format in versions prior to 2.10.4. At this time, there is no known workar
