github.com/usememos/memos is vulnerability to Cross-Site Scripting (XSS). The vulnerability exists in server.go
because when a svg file containing malicious data is uploaded it will not filter the content of the uploaded files and will be triggered when the user accesses.
CPE | Name | Operator | Version |
---|---|---|---|
github.com/usememos/memos | le | v0.8.3 | |
github.com/usememos/memos | le | v0.8.3 |