Lucene search
@huntrdevCVELIST:CVE-2022-4865HistoryDec 31, 2022 - 12:00 a.m.
CVE-2022-4865 Cross-site Scripting (XSS) - Stored in usememos/memos
2022-12-3100:00:00
CWE-79
@huntrdev
www.cve.org
cve-2022-4865
cross-site scripting
usememos/memos
8.3 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
LOW
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:L
8.8 High
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
34.3%
Cross-site Scripting (XSS) - Stored in GitHub repository usememos/memos prior to 0.9.1.
CNA Affected
[
{
"vendor": "usememos",
"product": "usememos/memos",
"versions": [
{
"version": "unspecified",
"lessThan": "0.9.1",
"status": "affected",
"versionType": "custom"
}
]
}
]Related
cve
cve
CVE-2022-4865
2022-12-31 09:15:08
veracode
veracode
Cross-site Scripting (XSS)
2023-01-02 17:21:45
prion
prion
Cross site scripting
2022-12-31 09:15:00
osv
osv
usememos/memos Cross-site Scripting vulnerability
2022-12-31 09:30:42
CVE-2022-4865
2022-12-31 09:15:08
github
github
usememos/memos Cross-site Scripting vulnerability
2022-12-31 09:30:42
huntr
huntr
Bypass Stored XSS while creating a new post
2022-12-30 09:18:55
nvd
nvd
CVE-2022-4865
2022-12-31 09:15:08
8.3 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
LOW
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:L
8.8 High
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
34.3%
Related for CVELIST:CVE-2022-4865