Product:

Memos

(Usememos)
Repositories

Unknown:

This might be proprietary software.

#Vulnerabilities 58
Date Id Summary Products Score Patch Annotated
2023-02-15 CVE-2022-25978 All versions of the package github.com/usememos/memos/server are vulnerable to Cross-site Scripting (XSS) due to insufficient checks on external resources, which allows malicious actors to introduce links starting with a javascript: scheme. Memos 6.1
2023-09-18 CVE-2023-5036 Cross-Site Request Forgery (CSRF) in GitHub repository usememos/memos prior to 0.15.1. Memos 8.8
2023-09-01 CVE-2023-4696 Improper Access Control in GitHub repository usememos/memos prior to 0.13.2. Memos 9.8
2023-09-01 CVE-2023-4697 Improper Privilege Management in GitHub repository usememos/memos prior to 0.13.2. Memos 8.8
2023-09-01 CVE-2023-4698 Improper Input Validation in GitHub repository usememos/memos prior to 0.13.2. Memos 7.5
2022-12-27 CVE-2022-4734 Improper Removal of Sensitive Information Before Storage or Transfer in GitHub repository usememos/memos prior to 0.9.1. Memos 4.3
2022-12-28 CVE-2022-4811 Authorization Bypass Through User-Controlled Key vulnerability in usememos usememos/memos.This issue affects usememos/memos before 0.9.1. Memos 5.4
2022-12-23 CVE-2022-4686 Authorization Bypass Through User-Controlled Key in GitHub repository usememos/memos prior to 0.9.0. Memos 9.8
2022-12-23 CVE-2022-4683 Sensitive Cookie in HTTPS Session Without 'Secure' Attribute in GitHub repository usememos/memos prior to 0.9.0. Memos 6.5
2022-12-28 CVE-2022-4808 Improper Privilege Management in GitHub repository usememos/memos prior to 0.9.1. Memos 8.8