Vulnerabilities > Usememos
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2024-11-15 | CVE-2023-0109 | Cross-site Scripting vulnerability in Usememos Memos 0.9.1 A stored cross-site scripting (XSS) vulnerability was discovered in usememos/memos version 0.9.1. | 5.4 |
2023-09-18 | CVE-2023-5036 | Cross-Site Request Forgery (CSRF) vulnerability in Usememos Memos Cross-Site Request Forgery (CSRF) in GitHub repository usememos/memos prior to 0.15.1. | 8.8 |
2023-09-01 | CVE-2023-4696 | Improper Access Control vulnerability in Usememos Memos Improper Access Control in GitHub repository usememos/memos prior to 0.13.2. | 9.8 |
2023-09-01 | CVE-2023-4697 | Improper Privilege Management vulnerability in Usememos Memos Improper Privilege Management in GitHub repository usememos/memos prior to 0.13.2. | 8.8 |
2023-09-01 | CVE-2023-4698 | Improper Input Validation vulnerability in Usememos Memos Improper Input Validation in GitHub repository usememos/memos prior to 0.13.2. | 7.5 |
2023-02-15 | CVE-2022-25978 | Cross-site Scripting vulnerability in Usememos Memos All versions of the package github.com/usememos/memos/server are vulnerable to Cross-site Scripting (XSS) due to insufficient checks on external resources, which allows malicious actors to introduce links starting with a javascript: scheme. | 6.1 |
2023-01-07 | CVE-2023-0106 | Cross-site Scripting vulnerability in Usememos Memos Cross-site Scripting (XSS) - Stored in GitHub repository usememos/memos prior to 0.10.0. | 5.4 |
2023-01-07 | CVE-2023-0107 | Cross-site Scripting vulnerability in Usememos Memos Cross-site Scripting (XSS) - Stored in GitHub repository usememos/memos prior to 0.10.0. | 5.4 |
2023-01-07 | CVE-2023-0108 | Cross-site Scripting vulnerability in Usememos Memos Cross-site Scripting (XSS) - Stored in GitHub repository usememos/memos prior to 0.10.0. | 5.4 |
2023-01-07 | CVE-2023-0110 | Cross-site Scripting vulnerability in Usememos Memos Cross-site Scripting (XSS) - Stored in GitHub repository usememos/memos prior to 0.10.0. | 5.4 |