Lucene search

CVE-2022-4692 Cross-site Scripting (XSS) - Stored in usememos/memos

🗓️ 23 Dec 2022 00:00:00Reported by @huntrdevType

Cross-site Scripting (XSS) in usememos/memos prior to 0.9.

AI Insights are available for you today

Leverage the power of AI to quickly understand vulnerabilities, impacts, and exploitability

Reporter	Title	Published	Views	Family All 12
Prion	Cross site scripting	23 Dec 202220:15	–	prion
OSV	GHSA-F552-97QX-C694 usememos/memos vulnerable to stored Cross-site Scripting	23 Dec 202221:30	–	osv
OSV	CVE-2022-4692	23 Dec 202220:15	–	osv
OSV	GO-2022-1216 usememos/memos vulnerable to stored Cross-site Scripting in github.com/usememos/memos	21 Aug 202416:03	–	osv
Veracode	Cross-Site Scripting (XSS)	27 Dec 202207:54	–	veracode
Veracode	Cross-site Scripting (XSS)	3 Jan 202309:05	–	veracode
CVE	CVE-2022-4692	23 Dec 202220:15	–	cve
Huntr	XSS by uploading svg files	20 Dec 202214:45	–	huntr
RedhatCVE	CVE-2022-4692	5 Feb 202520:22	–	redhatcve
Vulnrichment	CVE-2022-4692 Cross-site Scripting (XSS) - Stored in usememos/memos	23 Dec 202200:00	–	vulnrichment

[
  {
    "vendor": "usememos",
    "product": "usememos/memos",
    "versions": [
      {
        "version": "unspecified",
        "lessThan": "0.9.0",
        "status": "affected",
        "versionType": "custom"
      }
    ]
  }
]

Source	Link
huntr	www.huntr.dev/bounties/9d1ed6ea-f7a0-4561-9325-a2babef99c74
github	www.github.com/usememos/memos/commit/c07b4a57caa89905e54b800f4d8fb720bbf5bf82

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

23 Dec 2022 00:00Current

5.5Medium risk

Vulners AI Score5.5

CVSS37.1

EPSS0.0009

CWE-79