Lucene search
@huntrdevCVE-2022-4800HistoryDec 28, 2022 - 2:15 p.m.
CVE-2022-4800
2022-12-2814:15:10
CWE-940
@huntrdev
web.nvd.nist.gov
36
cve-2022-4800
github
repository
nvd
security
vulnerability
CVSS3
6.5
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
HIGH
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
EPSS
0.001
Percentile
30.7%
Improper Verification of Source of a Communication Channel in GitHub repository usememos/memos prior to 0.9.1.
Affected configurations
Node
usememosmemosRange<0.9.1
CNA Affected
[
{
"vendor": "usememos",
"product": "usememos/memos",
"versions": [
{
"version": "unspecified",
"lessThan": "0.9.1",
"status": "affected",
"versionType": "custom"
}
]
}
]Related
osv
osv
CVE-2022-4800
2022-12-28 14:15:10
cvelist
cvelist
prion
prion
Input validation
2022-12-28 14:15:00
huntr
huntr
CSRF allows attacker to add malicious tags to vitim account
2022-12-23 16:51:16
nvd
nvd
CVE-2022-4800
2022-12-28 14:15:10
github
github
veracode
veracode
Cross-Site Request Forgery (CSRF)
2023-01-02 09:27:41
CVSS3
6.5
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
HIGH
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N
EPSS
0.001
Percentile
30.7%
Related for CVE-2022-4800