Cross-site Scripting (XSS) - Stored in GitHub repository usememos/memos prior to 0.9.1.
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:HUsememos Memos
APPUsememos< 0.9.1
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
Tags
XSS
CWE
Related vulnerabilities
CVE-2025-50738CRITICAL9.8PL ✓ten sam produkt
Ujawnienie danych użytkownika przez osadzanie obrazków Markdown w Memos
CVE-2025-22952CRITICAL9.8PL ✓ten sam produkt
SSRF w Usememos Memos — brak walidacji URL dostarczanych przez użytkownika
CVE-2023-4696CRITICAL9.8ten sam produkt
Improper Access Control in GitHub repository usememos/memos prior to 0.13.2.
CVE-2022-4866CRITICAL9.0ten sam produkt
Cross-site Scripting (XSS) - Stored in GitHub repository usememos/memos prior to 0.9.1.
CVE-2022-4686CRITICAL9.8ten sam produkt
Authorization Bypass Through User-Controlled Key in GitHub repository usememos/memos prior to 0.9.0.