CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
AI Score
Confidence
High
usememos/memos vulnerable to stored cross-site scripting (XSS) in github.com/usememos/memos
github.com/advisories/GHSA-c8jh-vcjh-fx2w
github.com/usememos/memos
github.com/usememos/memos/commit/65cc19c12efa392f792f6bb154b4838547e0af5e
github.com/usememos/memos/commit/c07b4a57caa89905e54b800f4d8fb720bbf5bf82
github.com/usememos/memos/pull/833
huntr.dev/bounties/7e1be91d-3b13-4300-8af2-9bd9665ec335
nvd.nist.gov/vuln/detail/CVE-2022-4690