Lucene search
Veracode Vulnerability DatabaseVERACODE:38538HistoryDec 20, 2022 - 6:06 a.m.
Cross-site Scripting (XSS)
2022-12-2006:06:26
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
6
cross-site scripting
github
usememos
memos
vulnerable
registerresourceroutes
resource.go
file upload
sensitive information
0.001 Low
EPSS
Percentile
20.3%
github.com/usememos/memos is vulnerable to cross-site scripting. The vulnerability exists in the registerResourceRoutes function in resource.go because memos allow users to upload a file and make it public to others which may allow an attacker to gain access to potentially sensitive information.
| CPE | Name | Operator | Version |
|---|---|---|---|
| github.com/usememos/memos | le | v0.8.3 | |
| github.com/usememos/memos | le | v0.8.3 |
Related
osv
osv
CVE-2022-4609
2022-12-19 12:15:11
Memos Cross-site Scripting vulnerability
2022-12-19 12:30:23
prion
prion
Cross site scripting
2022-12-19 12:15:00
cvelist
cvelist
CVE-2022-4609 Cross-site Scripting (XSS) - Stored in usememos/memos
2022-12-19 00:00:00
cve
cve
CVE-2022-4609
2022-12-19 12:15:11
huntr
huntr
Cross-site scripting
2022-11-23 16:51:57
nvd
nvd
CVE-2022-4609
2022-12-19 12:15:11
github
github
Memos Cross-site Scripting vulnerability
2022-12-19 12:30:23