Lucene search

Veracode Vulnerability DatabaseVERACODE:43331

HistorySep 21, 2023 - 7:22 a.m.

Cross Site Scripting

2023-09-2107:22:04

Veracode Vulnerability Database

sca.analysiscenter.veracode.com

cross site scripting

endpoint vulnerability

insufficient checks

external images

svg file

javascript execution

memos software

8.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

0.001 Low

EPSS

Percentile

24.3%

JSON

memos is vulnerable to Cross Site Scripting. The vulnerability is due to insufficient checks in the following /o/get/image?url= endpoint which is used to fetch external images. This can be exploited by the attacker to fetch malicious external image such as svg file and execute malicious javascript at the client side.

CPENameOperatorVersion
github.com/usememos/memosle0.15.0
github.com/usememos/memosle0.15.0

CPE	Name	Operator	Version
	github.com/usememos/memos	le	0.15.0
	github.com/usememos/memos	le	0.15.0

References

github.com/advisories/GHSA-2g7r-9xq5-c6hv

github.com/usememos/memos/commit/97b434722cf0abe3cfcad5ac9e3d520233bf1536

huntr.dev/bounties/46881df7-eb41-4ce2-a78f-82de9bc4fc2d

8.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

0.001 Low

EPSS

Percentile

24.3%

JSON

Related for VERACODE:43331