Lucene search
China National Vulnerability DatabaseCNVD-2023-05748HistoryJan 13, 2023 - 12:00 a.m.
memos cross-site scripting vulnerability (CNVD-2023-05748)
2023-01-1300:00:00
China National Vulnerability Database
www.cnvd.org.cn
5
memos
open source
cross-site scripting
vulnerability
csp
attacker
bypass
0.001 Low
EPSS
Percentile
20.3%
memos is an open source hosted memo center with knowledge management and social features. memos versions prior to 0.10.0 have a cross-site scripting vulnerability that stems from its csp being too simple to allow an attacker to bypass. No detailed vulnerability details are available at this time.
| CPE | Name | Operator | Version |
|---|---|---|---|
| usememos memos | lt | 0.10.0 |
Related
huntr
huntr
CSP passby via js file
2022-12-23 15:56:39
osv
osv
usememos/memos vulnerable to stored Cross-site Scripting
2023-01-07 06:30:19
CVE-2023-0110
2023-01-07 04:15:08
cve
cve
CVE-2023-0110
2023-01-07 04:15:08
veracode
veracode
Cross-site Scripting (XSS)
2023-07-28 04:27:55
prion
prion
Cross site scripting
2023-01-07 04:15:00
nvd
nvd
CVE-2023-0110
2023-01-07 04:15:08
cvelist
cvelist
CVE-2023-0110 Cross-site Scripting (XSS) - Stored in usememos/memos
2023-01-07 00:00:00
github
github
usememos/memos vulnerable to stored Cross-site Scripting
2023-01-07 06:30:19