6574 matches found
CVE-2022-4841 Cross-site Scripting (XSS) - Stored in usememos/memos
Cross-site Scripting XSS - Stored in GitHub repository usememos/memos prior to 0.9.1...
CVE-2022-4839 Cross-site Scripting (XSS) - Stored in usememos/memos
Cross-site Scripting XSS - Stored in GitHub repository usememos/memos prior to 0.9.1...
CVE-2022-4849 Cross-Site Request Forgery (CSRF) in usememos/memos
Cross-Site Request Forgery CSRF in GitHub repository usememos/memos prior to 0.9.1...
CVE-2022-4850 Cross-Site Request Forgery (CSRF) in usememos/memos
Cross-Site Request Forgery CSRF in GitHub repository usememos/memos prior to 0.9.1...
CVE-2022-4851 Improper Handling of Values in usememos/memos
Improper Handling of Values in GitHub repository usememos/memos prior to 0.9.1...
CVE-2022-4839 Cross-site Scripting (XSS) - Stored in usememos/memos
Cross-site Scripting XSS - Stored in GitHub repository usememos/memos prior to 0.9.1...
CVE-2022-4845 Cross-Site Request Forgery (CSRF) in usememos/memos
Cross-Site Request Forgery CSRF in GitHub repository usememos/memos prior to 0.9.1...
CVE-2022-4851 Improper Handling of Values in usememos/memos
Improper Handling of Values in GitHub repository usememos/memos prior to 0.9.1...
CVE-2022-4848 Improper Verification of Source of a Communication Channel in usememos/memos
Improper Verification of Source of a Communication Channel in GitHub repository usememos/memos prior to 0.9.1...
CVE-2022-4840 Cross-site Scripting (XSS) - Stored in usememos/memos
Cross-site Scripting XSS - Stored in GitHub repository usememos/memos prior to 0.9.1...
CVE-2022-4844 Cross-Site Request Forgery (CSRF) in usememos/memos
Cross-Site Request Forgery CSRF in GitHub repository usememos/memos prior to 0.9.1...
CVE-2022-4844
CVE-2022-4844 affects usememos/memos prior to 0.9.1. A CSRF vulnerability exists in the web app that could allow an attacker to induce authenticated actions (e.g., creating a HOST user) without user consent. Exploitation details are provided in Huntr’s PoC and related advisories, with remediation...
CVE-2022-4846
CVE-2022-4846 concerns Cross-Site Request Forgery (CSRF) in the open-source memo platform usememos/memos, with affected versions prior to 0.9.1. Multiple connected sources confirm the vulnerability in this GitHub-hosted project and reference similar advisories (GHSA, CNVD/CNNVD, OSV) describing C...
CVE-2022-4841 Cross-site Scripting (XSS) - Stored in usememos/memos
Cross-site Scripting XSS - Stored in GitHub repository usememos/memos prior to 0.9.1...
CVE-2022-4848 Improper Verification of Source of a Communication Channel in usememos/memos
Improper Verification of Source of a Communication Channel in GitHub repository usememos/memos prior to 0.9.1...
CVE-2022-4847 Incorrectly Specified Destination in a Communication Channel in usememos/memos
Incorrectly Specified Destination in a Communication Channel in GitHub repository usememos/memos prior to 0.9.1...
CVE-2022-4839 Cross-site Scripting (XSS) - Stored in usememos/memos
Cross-site Scripting XSS - Stored in GitHub repository usememos/memos prior to 0.9.1...
GHSA-R3P3-5F35-H6MF usememos/memos Improper Privilege Management vulnerability
Improper Privilege Management in GitHub repository usememos/memos prior to 0.9.1...
GHSA-6FX9-29X2-FMFJ usememos/memos Improper Access Control vulnerability
Improper Access Control in GitHub repository usememos/memos 0.9.0 and prior...
GHSA-M5PR-WM6Q-X4G2 usememos/memos vulnerable to Comparison of Object References Instead of Object Contents
Comparison of Object References Instead of Object Contents in GitHub repository usememos/memos 0.9.0 and prior...