Lucene search

CVE-2022-4865

🗓️ 31 Dec 2022 09:08:15Reported by @huntrdevType

CVE-2022-4865 Cross-site Scripting (XSS) in GitHub repository usememos/memos prior to 0.9.1

AI Insights are available for you today

Leverage the power of AI to quickly understand vulnerabilities, impacts, and exploitability

Reporter	Title	Published	Views	Family All 10
Prion	Cross site scripting	31 Dec 202209:15	–	prion
Veracode	Cross-site Scripting (XSS)	2 Jan 202317:21	–	veracode
OSV	GHSA-8W5Q-5FPQ-V4PM usememos/memos Cross-site Scripting vulnerability	31 Dec 202209:30	–	osv
OSV	CVE-2022-4865	31 Dec 202209:15	–	osv
Github Security Blog	usememos/memos Cross-site Scripting vulnerability	31 Dec 202209:30	–	github
Huntr	Bypass Stored XSS while creating a new post	30 Dec 202209:18	–	huntr
RedhatCVE	CVE-2022-4865	5 Feb 202520:20	–	redhatcve
NVD	CVE-2022-4865	31 Dec 202209:15	–	nvd
Cvelist	CVE-2022-4865 Cross-site Scripting (XSS) - Stored in usememos/memos	31 Dec 202200:00	–	cvelist
Vulnrichment	CVE-2022-4865 Cross-site Scripting (XSS) - Stored in usememos/memos	31 Dec 202200:00	–	vulnrichment

Nvd

Node

usememos memosRange<0.9.1

[
  {
    "vendor": "usememos",
    "product": "usememos/memos",
    "versions": [
      {
        "version": "unspecified",
        "lessThan": "0.9.1",
        "status": "affected",
        "versionType": "custom"
      }
    ]
  }
]

Source	Link
huntr	www.huntr.dev/bounties/cd8765a2-bf28-4019-8647-882ccf63b2be
github	www.github.com/usememos/memos/commit/7670c9536000bb32c6345d4906a91268dcddd5fc

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

31 Dec 2022 09:15Current

8.4High risk

Vulners AI Score8.4

CVSS38.3 - 9

EPSS0.0015

SSVC

CWE-79