Lucene search
@huntrdevCVE-2022-4848HistoryDec 29, 2022 - 6:15 p.m.
CVE-2022-4848
2022-12-2918:15:10
CWE-940
@huntrdev
web.nvd.nist.gov
46
cve-2022-4848
improper verification
github
repository
nvd
CVSS3
5.7
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
HIGH
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:H/A:N
EPSS
0.001
Percentile
21.9%
Improper Verification of Source of a Communication Channel in GitHub repository usememos/memos prior to 0.9.1.
Affected configurations
Node
usememosmemosRange<0.9.1
CNA Affected
[
{
"vendor": "usememos",
"product": "usememos/memos",
"versions": [
{
"version": "unspecified",
"lessThan": "0.9.1",
"status": "affected",
"versionType": "custom"
}
]
}
]Related
osv
osv
usememos/memos vulnerable to Improper Verification of Source of a Communication Channel in github.com/usememos/memos
2024-08-21 16:04:04
CVE-2022-4848
2022-12-29 18:15:10
prion
prion
Input validation
2022-12-29 18:15:00
veracode
veracode
Cross-Site Request Forgery (CSRF)
2023-01-03 08:29:26
nvd
nvd
CVE-2022-4848
2022-12-29 18:15:10
cvelist
cvelist
huntr
huntr
CSRF to add shortcuts to victim account
2022-12-28 13:22:52
github
github
CVSS3
5.7
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
HIGH
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:H/A:N
EPSS
0.001
Percentile
21.9%
Related for CVE-2022-4848