Stored XSS via File Upload in star7th/showdoc


Reported on

Mar 14th 2022


Stored XSS via uploading file in .md format.

Proof of Concept



Steps to Reproduce

1.Login into
2.Navigate to file library (
3.In the File Library page, click the Upload button and choose the file.
4.After uploading the file, click on the check button to open that file in a new tab.

XSS will trigger when the attachment is opened in a new tab.



An attacker can perform social engineering on users by redirecting them from a real website to a fake one. a hacker can steal their cookies etc.

We are processing your report and will contact the star7th/showdoc team within 24 hours. a year ago
star7th validated this vulnerability a year ago
Ajaysen R has been awarded the disclosure bounty
The fix bounty is now up for grabs
star7th marked this as fixed in v.2.10.4 with commit 56e450 a year ago
star7th has been awarded the fix bounty
This vulnerability will not receive a CVE
to join this conversation