Vulnerabilities > Usememos > Memos > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-11-15 | CVE-2023-0109 | Unspecified vulnerability in Usememos Memos 0.9.1 A stored cross-site scripting (XSS) vulnerability was discovered in usememos/memos version 0.9.1. | 5.4 |
| 2024-04-19 | CVE-2024-29029 | Server-Side Request Forgery (SSRF) vulnerability in Usememos Memos memos is a privacy-first, lightweight note-taking service. | 6.1 |
| 2023-02-15 | CVE-2022-25978 | Cross-site Scripting vulnerability in Usememos Memos All versions of the package github.com/usememos/memos/server are vulnerable to Cross-site Scripting (XSS) due to insufficient checks on external resources, which allows malicious actors to introduce links starting with a javascript: scheme. | 6.1 |
| 2023-01-07 | CVE-2023-0106 | Cross-site Scripting vulnerability in Usememos Memos Cross-site Scripting (XSS) - Stored in GitHub repository usememos/memos prior to 0.10.0. | 5.4 |
| 2023-01-07 | CVE-2023-0107 | Unspecified vulnerability in Usememos Memos Cross-site Scripting (XSS) - Stored in GitHub repository usememos/memos prior to 0.10.0. | 5.4 |
| 2023-01-07 | CVE-2023-0108 | Unspecified vulnerability in Usememos Memos Cross-site Scripting (XSS) - Stored in GitHub repository usememos/memos prior to 0.10.0. | 5.4 |
| 2023-01-07 | CVE-2023-0110 | Unspecified vulnerability in Usememos Memos Cross-site Scripting (XSS) - Stored in GitHub repository usememos/memos prior to 0.10.0. | 5.4 |
| 2023-01-07 | CVE-2023-0111 | Unspecified vulnerability in Usememos Memos Cross-site Scripting (XSS) - Stored in GitHub repository usememos/memos prior to 0.10.0. | 5.4 |
| 2023-01-07 | CVE-2023-0112 | Unspecified vulnerability in Usememos Memos Cross-site Scripting (XSS) - Stored in GitHub repository usememos/memos prior to 0.10.0. | 5.4 |
| 2022-12-30 | CVE-2022-4863 | Unspecified vulnerability in Usememos Memos Improper Handling of Insufficient Permissions or Privileges in GitHub repository usememos/memos prior to 0.9.1. | 6.5 |