Lucene search
Veracode Vulnerability DatabaseVERACODE:38738HistoryJan 03, 2023 - 6:50 a.m.
Cross-site Scripting (XSS)
2023-01-0306:50:15
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
5
cross-site scripting
github
stored
attack
user-input
sanitization
vulnerability
malicious
javascript
execution.
EPSS
0.001
Percentile
21.9%
github.com/usememos/memos is vulnerable to stored cross-site scripting attacks. The vulnerability exists due to improper user-input sanitization, which allows an attacker to create a memo with a malicious payload, resulting in malicious javascript execution.
Related
github
github
usememos/memos vulnerable to stored Cross-site Scripting
2022-12-29 18:30:24
osv
osv
usememos/memos vulnerable to stored Cross-site Scripting
2022-12-29 18:30:24
CVE-2022-4840
2022-12-29 17:15:21
cve
cve
CVE-2022-4840
2022-12-29 17:15:21
cvelist
cvelist
CVE-2022-4840 Cross-site Scripting (XSS) - Stored in usememos/memos
2022-12-29 00:00:00
huntr
huntr
Stored XSS in memos while creating
2022-12-23 15:37:52
prion
prion
Cross site scripting
2022-12-29 17:15:00
nvd
nvd
CVE-2022-4840
2022-12-29 17:15:21