11 matches found
CVE-2023-4697
Improper Privilege Management in GitHub repository usememos/memos prior to 0.13.2.
CVE-2023-4696
Improper Access Control in GitHub repository usememos/memos prior to 0.13.2.
CVE-2023-4698
Improper Input Validation in GitHub repository usememos/memos prior to 0.13.2.
CVE-2023-5036
Cross-Site Request Forgery (CSRF) in GitHub repository usememos/memos prior to 0.15.1.
CVE-2023-0107
Cross-site Scripting (XSS) - Stored in GitHub repository usememos/memos prior to 0.10.0.
CVE-2023-0110
Cross-site Scripting (XSS) - Stored in GitHub repository usememos/memos prior to 0.10.0.
CVE-2022-25978
All versions of the package github.com/usememos/memos/server are vulnerable to Cross-site Scripting (XSS) due to insufficient checks on external resources, which allows malicious actors to introduce links starting with a javascript: scheme.
CVE-2023-0106
Cross-site Scripting (XSS) - Stored in GitHub repository usememos/memos prior to 0.10.0.
CVE-2023-0111
Cross-site Scripting (XSS) - Stored in GitHub repository usememos/memos prior to 0.10.0.
CVE-2023-0112
Cross-site Scripting (XSS) - Stored in GitHub repository usememos/memos prior to 0.10.0.
CVE-2023-0108
Cross-site Scripting (XSS) - Stored in GitHub repository usememos/memos prior to 0.10.0.