Lucene search
GitHub Advisory DatabaseGHSA-5JQP-WMHJ-G33FHistoryDec 29, 2022 - 6:30 p.m.
usememos/memos Cross-Site Request Forgery vulnerability
2022-12-2918:30:24
CWE-352
GitHub Advisory Database
github.com
5
cross-site request forgery
github
software
CVSS3
8.8
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
EPSS
0.001
Percentile
47.6%
Cross-Site Request Forgery (CSRF) in GitHub repository usememos/memos 0.9.0 and prior.
Affected configurations
Node
usememosmemosRange≤0.9.0
Related
cvelist
cvelist
CVE-2022-4844 Cross-Site Request Forgery (CSRF) in usememos/memos
2022-12-29 00:00:00
osv
osv
CVE-2022-4844
2022-12-29 18:15:10
usememos/memos Cross-Site Request Forgery vulnerability
2022-12-29 18:30:24
veracode
veracode
Cross-Site Request Forgery (CSRF)
2023-01-03 07:17:45
nvd
nvd
CVE-2022-4844
2022-12-29 18:15:10
huntr
huntr
prion
prion
Cross site request forgery (csrf)
2022-12-29 18:15:00
cve
cve
CVE-2022-4844
2022-12-29 18:15:10
CVSS3
8.8
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
EPSS
0.001
Percentile
47.6%
Related for GHSA-5JQP-WMHJ-G33F