Lucene search
HistorySep 01, 2023 - 1:15 a.m.
CVE-2023-4696
github repository
access control
vulnerability
usememos
memos
cve-2023
CVSS3
9.8
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
AI Score
9.6
Confidence
High
EPSS
0.002
Percentile
57.9%
Improper Access Control in GitHub repository usememos/memos prior to 0.13.2.
Affected configurations
Node
usememosmemosRange<0.13.2
Related
osv
osv
CVE-2023-4696
2023-09-01 01:15:08
Account TakeOver Due to Improper Handling of JWT Tokens in usememos/memos in github.com/usememos/memos
2024-08-21 14:17:52
Account TakeOver Due to Improper Handling of JWT Tokens in usememos/memos
2023-09-01 03:30:14
cve
cve
CVE-2023-4696
2023-09-01 01:15:08
github
github
Account TakeOver Due to Improper Handling of JWT Tokens in usememos/memos
2023-09-01 03:30:14
cvelist
cvelist
CVE-2023-4696 Improper Access Control in usememos/memos
2023-09-01 00:00:19
huntr
huntr
Account TakeOver Due to Improper Handling of JWT Tokens
2023-04-20 11:00:09
veracode
veracode
Authorization Bypass
2023-09-05 14:58:36
prion
prion
Improper access control
2023-09-01 01:15:00
CVSS3
9.8
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
AI Score
9.6
Confidence
High
EPSS
0.002
Percentile
57.9%
Related for NVD:CVE-2023-4696