Vulnerabilities > Usememos > Memos > Critical

DATE CVE VULNERABILITY TITLE RISK
2023-09-01 CVE-2023-4696 Improper Access Control vulnerability in Usememos Memos
Improper Access Control in GitHub repository usememos/memos prior to 0.13.2.
network
low complexity
usememos CWE-284
critical
 9.8
9.8
2022-12-31 CVE-2022-4866 Cross-site Scripting vulnerability in Usememos Memos
Cross-site Scripting (XSS) - Stored in GitHub repository usememos/memos prior to 0.9.1.
network
low complexity
usememos CWE-79
critical
 9.0
9.0
2022-12-31 CVE-2022-4865 Cross-site Scripting vulnerability in Usememos Memos
Cross-site Scripting (XSS) - Stored in GitHub repository usememos/memos prior to 0.9.1.
network
low complexity
usememos CWE-79
critical
 9.0
9.0
2022-12-23 CVE-2022-4686 Authorization Bypass Through User-Controlled Key vulnerability in Usememos Memos
Authorization Bypass Through User-Controlled Key in GitHub repository usememos/memos prior to 0.9.0.
network
low complexity
usememos CWE-639
critical
 9.8
9.8