Lucene search

CVE-2022-4849 Cross-Site Request Forgery (CSRF) in usememos/memos

🗓️ 29 Dec 2022 00:00:00Reported by @huntrdevType

CVE-2022-4849 CSRF in usememos/memos prior to 0.9.

AI Insights are available for you today

Leverage the power of AI to quickly understand vulnerabilities, impacts, and exploitability

Reporter	Title	Published	Views	Family All 12
Huntr	CSRF allows attacker to post on behalf of victim	23 Dec 202216:43	–	huntr
NVD	CVE-2022-4849	29 Dec 202218:15	–	nvd
CVE	CVE-2022-4849	29 Dec 202218:15	–	cve
OSV	usememos/memos Cross-Site Request Forgery vulnerability	29 Dec 202218:30	–	osv
OSV	CVE-2022-4849	29 Dec 202218:15	–	osv
OSV	GO-2022-1250 usememos/memos Cross-Site Request Forgery vulnerability in github.com/usememos/memos	21 Aug 202416:04	–	osv
Prion	Cross site request forgery (csrf)	29 Dec 202218:15	–	prion
Vulnrichment	CVE-2022-4849 Cross-Site Request Forgery (CSRF) in usememos/memos	29 Dec 202200:00	–	vulnrichment
RedhatCVE	CVE-2022-4849	5 Feb 202520:23	–	redhatcve
CNVD	memos cross-site request forgery vulnerability (CNVD-2023-04537)	3 Jan 202300:00	–	cnvd

[
  {
    "vendor": "usememos",
    "product": "usememos/memos",
    "versions": [
      {
        "version": "unspecified",
        "lessThan": "0.9.1",
        "status": "affected",
        "versionType": "custom"
      }
    ]
  }
]

Source	Link
github	www.github.com/usememos/memos/commit/c9bb2b785dc5852655405d5c9ab127a2d5aa3948
huntr	www.huntr.dev/bounties/404ce7dd-f345-4d98-ad80-c53ac74f4e5c

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

29 Dec 2022 00:00Current

6.8Medium risk

Vulners AI Score6.8

CVSS38.3

EPSS0.00058

CWE-352

cve-2022-4849 csrf usememos memos prior 0.9.1