Lucene search
GitHub Advisory DatabaseGHSA-2G7R-9XQ5-C6HVHistorySep 18, 2023 - 6:30 a.m.
Cross-Site Request Forgery (CSRF) in usememos/memos
2023-09-1806:30:14
CWE-352
GitHub Advisory Database
github.com
8
cross-site request forgery
github
usememos/memos
software
vulnerability
8.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
0.001 Low
EPSS
Percentile
24.3%
Cross-Site Request Forgery (CSRF) in GitHub repository usememos/memos prior to 0.15.1.
Affected configurations
Node
usememosmemosRange<0.15.1
| CPE | Name | Operator | Version |
|---|---|---|---|
| github.com/usememos/memos | lt | 0.15.1 |
Related
nvd
nvd
CVE-2023-5036
2023-09-18 06:15:08
huntr
huntr
XSS/CSRF in GetImage Endpoint
2023-09-15 06:46:41
cve
cve
CVE-2023-5036
2023-09-18 06:15:08
osv
osv
CVE-2023-5036
2023-09-18 06:15:08
Cross-Site Request Forgery (CSRF) in usememos/memos
2023-09-18 06:30:14
veracode
veracode
Cross Site Scripting
2023-09-21 07:22:04
prion
prion
Cross site request forgery (csrf)
2023-09-18 06:15:00
cvelist
cvelist
CVE-2023-5036 Cross-Site Request Forgery (CSRF) in usememos/memos
2023-09-18 05:46:44
8.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
0.001 Low
EPSS
Percentile
24.3%
Related for GHSA-2G7R-9XQ5-C6HV