506 matches found
CVE-2022-4866
Cross-site Scripting XSS - Stored in GitHub repository usememos/memos prior to 0.9.1...
CVE-2022-4695
Cross-site Scripting XSS - Stored in GitHub repository usememos/memos prior to 0.9.0...
CVE-2022-4839
Cross-site Scripting XSS - Stored in GitHub repository usememos/memos prior to 0.9.1...
CVE-2022-4804
Improper Authorization in GitHub repository usememos/memos prior to 0.9.1...
CVE-2022-4840
Cross-site Scripting XSS - Stored in GitHub repository usememos/memos prior to 0.9.1...
CVE-2022-4691
Cross-site Scripting XSS - Stored in GitHub repository usememos/memos prior to 0.9.0...
CVE-2022-4800
Improper Verification of Source of a Communication Channel in GitHub repository usememos/memos prior to 0.9.1...
CVE-2022-4811
Authorization Bypass Through User-Controlled Key vulnerability in usememos usememos/memos.This issue affects usememos/memos before 0.9.1...
CVE-2022-4806
Authorization Bypass Through User-Controlled Key in GitHub repository usememos/memos prior to 0.9.1...
CVE-2022-4734
Improper Removal of Sensitive Information Before Storage or Transfer in GitHub repository usememos/memos prior to 0.9.1...
CVE-2022-4796
Incorrect Use of Privileged APIs in GitHub repository usememos/memos prior to 0.9.1...
CVE-2022-4688
Improper Authorization in GitHub repository usememos/memos prior to 0.9.0...
SUSE CVE-2023-0109
A stored cross-site scripting XSS vulnerability was discovered in usememos/memos version 0.9.1. This vulnerability allows an attacker to upload a JavaScript file containing a malicious script and reference it in an HTML file. When the HTML file is accessed, the malicious script is executed. This...
GO-2024-3274 Stored XSS using two files in usememos/memos in github.com/usememos/memos
Stored XSS using two files in usememos/memos in github.com/usememos/memos...
CVE-2023-0109
A stored cross-site scripting XSS vulnerability was discovered in usememos/memos version 0.9.1. This vulnerability allows an attacker to upload a JavaScript file containing a malicious script and reference it in an HTML file. When the HTML file is accessed, the malicious script is executed. This...
CVE-2023-0109 Stored XSS in usememos/memos
A stored cross-site scripting XSS vulnerability was discovered in usememos/memos version 0.9.1. This vulnerability allows an attacker to upload a JavaScript file containing a malicious script and reference it in an HTML file. When the HTML file is accessed, the malicious script is executed. This...
CVE-2023-0109 Stored XSS in usememos/memos
A stored cross-site scripting XSS vulnerability was discovered in usememos/memos version 0.9.1. This vulnerability allows an attacker to upload a JavaScript file containing a malicious script and reference it in an HTML file. When the HTML file is accessed, the malicious script is executed. This...
Cross-Origin Resource Sharing (CORS) Bypass
github.com/usememos/memos is vulnerable to Cross-Origin Resource Sharing CORS Bypass. The vulnerability is due to a CORS misconfiguration where an arbitrary origin is reflected with Access-Control-Allow-Credentials set to true, which may allow an attacker to perform cross-origin requests,...
GO-2022-1263 usememos/memos Improper Access Control vulnerability in github.com/usememos/memos
usememos/memos Improper Access Control vulnerability in github.com/usememos/memos...
GO-2022-1264 usememos/memos has Incorrectly Specified Destination in a Communication Channel in github.com/usememos/memos
usememos/memos has Incorrectly Specified Destination in a Communication Channel in github.com/usememos/memos...