Lucene search
GoogleOSV:GHSA-VH43-CC6X-PRPRHistoryDec 29, 2022 - 6:30 p.m.
usememos/memos vulnerable to Improper Verification of Source of a Communication Channel
2022-12-2918:30:24
Google
osv.dev
5
improper verification
source communication
software vulnerability
CVSS3
5.7
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
HIGH
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:H/A:N
EPSS
0.001
Percentile
21.9%
Improper Verification of Source of a Communication Channel in GitHub repository usememos/memos 0.9.0 and prior.
Related
osv
osv
CVE-2022-4848
2022-12-29 18:15:10
prion
prion
Input validation
2022-12-29 18:15:00
veracode
veracode
Cross-Site Request Forgery (CSRF)
2023-01-03 08:29:26
nvd
nvd
CVE-2022-4848
2022-12-29 18:15:10
huntr
huntr
CSRF to add shortcuts to victim account
2022-12-28 13:22:52
github
github
cve
cve
CVE-2022-4848
2022-12-29 18:15:10
cvelist
cvelist
CVSS3
5.7
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
HIGH
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:H/A:N
EPSS
0.001
Percentile
21.9%
Related for OSV:GHSA-VH43-CC6X-PRPR