github.com/usememos/memos is vulnerable to cross-site scripting. The vulnerability exists in the registerResourceRoutes
function in resource.go
because memos allow users to upload a file and make it public to others which may allow an attacker to gain access to potentially sensitive information.
CPE | Name | Operator | Version |
---|---|---|---|
github.com/usememos/memos | le | v0.8.3 | |
github.com/usememos/memos | le | v0.8.3 |