Lucene search
HistorySep 18, 2023 - 6:15 a.m.
CVE-2023-5036
cve-2023-5036
cross-site request forgery
csrf
github
repository
nvd
8.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
8 High
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
24.2%
Cross-Site Request Forgery (CSRF) in GitHub repository usememos/memos prior to 0.15.1.
Affected configurations
Node
usememosmemosRange<0.15.1
| CPE | Name | Operator | Version |
|---|---|---|---|
| usememos:memos | usememos memos | lt | 0.15.1 |
CNA Affected
[
{
"vendor": "usememos",
"product": "usememos/memos",
"versions": [
{
"version": "unspecified",
"lessThan": "0.15.1",
"status": "affected",
"versionType": "custom"
}
]
}
]Related
osv
osv
Cross-Site Request Forgery (CSRF) in usememos/memos
2023-09-18 06:30:14
CVE-2023-5036
2023-09-18 06:15:08
prion
prion
Cross site request forgery (csrf)
2023-09-18 06:15:00
cvelist
cvelist
CVE-2023-5036 Cross-Site Request Forgery (CSRF) in usememos/memos
2023-09-18 05:46:44
veracode
veracode
Cross Site Scripting
2023-09-21 07:22:04
huntr
huntr
XSS/CSRF in GetImage Endpoint
2023-09-15 06:46:41
github
github
Cross-Site Request Forgery (CSRF) in usememos/memos
2023-09-18 06:30:14
nvd
nvd
CVE-2023-5036
2023-09-18 06:15:08
8.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
8 High
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
24.2%
Related for CVE-2023-5036