10 matches found
CVE-2023-4696
Improper Access Control in GitHub repository usememos/memos prior to 0.13.2.
CVE-2022-4866
Cross-site Scripting (XSS) - Stored in GitHub repository usememos/memos prior to 0.9.1.
CVE-2022-4797
Improper Restriction of Excessive Authentication Attempts in GitHub repository usememos/memos prior to 0.9.1.
CVE-2022-4851
Improper Handling of Values in GitHub repository usememos/memos prior to 0.9.1.
CVE-2022-4686
Authorization Bypass Through User-Controlled Key in GitHub repository usememos/memos prior to 0.9.0.
CVE-2022-4802
Authorization Bypass Through User-Controlled Key in GitHub repository usememos/memos prior to 0.9.1.
CVE-2025-22952
elestio memos v0.23.0 is vulnerable to Server-Side Request Forgery (SSRF) due to insufficient validation of user-supplied URLs, which can be exploited to perform SSRF attacks.
CVE-2022-4865
Cross-site Scripting (XSS) - Stored in GitHub repository usememos/memos prior to 0.9.1.
CVE-2023-0106
Cross-site Scripting (XSS) - Stored in GitHub repository usememos/memos prior to 0.10.0.
CVE-2023-0109
A stored cross-site scripting (XSS) vulnerability was discovered in usememos/memos version 0.9.1. This vulnerability allows an attacker to upload a JavaScript file containing a malicious script and reference it in an HTML file. When the HTML file is accessed, the malicious script is executed. This ...