Vulnerabilities > Usememos > Memos > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-02-15 | CVE-2022-25978 | Cross-site Scripting vulnerability in Usememos Memos All versions of the package github.com/usememos/memos/server are vulnerable to Cross-site Scripting (XSS) due to insufficient checks on external resources, which allows malicious actors to introduce links starting with a javascript: scheme. | 6.1 |
| 2023-01-07 | CVE-2023-0106 | Cross-site Scripting vulnerability in Usememos Memos Cross-site Scripting (XSS) - Stored in GitHub repository usememos/memos prior to 0.10.0. | 5.4 |
| 2023-01-07 | CVE-2023-0107 | Cross-site Scripting vulnerability in Usememos Memos Cross-site Scripting (XSS) - Stored in GitHub repository usememos/memos prior to 0.10.0. | 5.4 |
| 2023-01-07 | CVE-2023-0108 | Cross-site Scripting vulnerability in Usememos Memos Cross-site Scripting (XSS) - Stored in GitHub repository usememos/memos prior to 0.10.0. | 5.4 |
| 2023-01-07 | CVE-2023-0110 | Cross-site Scripting vulnerability in Usememos Memos Cross-site Scripting (XSS) - Stored in GitHub repository usememos/memos prior to 0.10.0. | 5.4 |
| 2023-01-07 | CVE-2023-0111 | Cross-site Scripting vulnerability in Usememos Memos Cross-site Scripting (XSS) - Stored in GitHub repository usememos/memos prior to 0.10.0. | 5.4 |
| 2023-01-07 | CVE-2023-0112 | Cross-site Scripting vulnerability in Usememos Memos Cross-site Scripting (XSS) - Stored in GitHub repository usememos/memos prior to 0.10.0. | 5.4 |
| 2022-12-30 | CVE-2022-4863 | Improper Handling of Insufficient Permissions or Privileges vulnerability in Usememos Memos Improper Handling of Insufficient Permissions or Privileges in GitHub repository usememos/memos prior to 0.9.1. | 6.5 |
| 2022-12-28 | CVE-2022-4798 | Authorization Bypass Through User-Controlled Key vulnerability in Usememos Memos Authorization Bypass Through User-Controlled Key in GitHub repository usememos/memos prior to 0.9.1. | 5.3 |
| 2022-12-28 | CVE-2022-4799 | Authorization Bypass Through User-Controlled Key vulnerability in Usememos Memos Authorization Bypass Through User-Controlled Key in GitHub repository usememos/memos prior to 0.9.1. | 6.5 |