ShowDoc is a tool for an IT team to share documents online. showdoc contains a stored cross-site scripting vulnerability in the File Library page when uploading a file in .ofd format in versions prior to 2.10.4. At this time, there is no known workaround. Users should update to version 2.10.4.

Affected Packages

Packagist showdoc/showdoc

Affected versions: 0 (fixed in 2.10.4)

Related CVEs

CVE-2022-0967

Key Information

GHSA ID

GHSA-3pg8-c473-w6rr

Published

March 16, 2022 12:00 AM

Last Modified

March 25, 2022 12:07 AM

CVSS Score

5.0 /10

Primary Ecosystem

Packagist

Primary Package

showdoc/showdoc

GitHub Reviewed

✓ Yes

Dataset

Last updated: September 14, 2025 6:31 AM

Data from GitHub Advisory Database. This information is provided for research and educational purposes.