github.com/usememos/memos is vulnerable to stored cross-site scripting attacks. An attacker is able to pass XSS payload through the creation of a new post, resulting in malicious javascript execution on victim’s browser.
CPE | Name | Operator | Version |
---|---|---|---|
github.com/usememos/memos | le | v0.9.0 | |
github.com/usememos/memos | le | v0.9.0 |