CVE-2023-0110

CVSS V2 None CVSS V3 None

Description

Cross-site Scripting (XSS) - Stored in GitHub repository usememos/memos prior to 0.10.0.

Overview

CVE ID
CVE-2023-0110

Assigner
security@huntr.dev

Vulnerability Status
Analyzed

Published Version
2023-01-07T04:15:08

Last Modified Date
2023-01-12T15:05:16

Weakness Enumerations

CWE	URL
CWE-79	http://cwe.mitre.org/data/definitions/79.html

CPE Configuration (Product)

CPE	Vulnerable	Operator	Version Start	Version End
cpe:2.3:a:usememos:memos::::::::	1	OR		0.10.0

References

Reference URL	Reference Tags
https://github.com/usememos/memos/commit/46c13a4b7f675b92d297df6dabb4441f13c7cd9c
https://huntr.dev/bounties/6e4a1961-dbca-46f6-ae21-c25a621e54a7

Sources

Source Name	Source URL
NIST	https://nvd.nist.gov/vuln/detail/CVE-2023-0110
MITRE	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0110

History

Created	Old Value	New Value	Data Type	Notes
2023-01-07 04:38:40				Added to TrackCVE
2023-01-07 04:38:40			Weakness Enumeration	new
2023-01-08 05:21:05		2023-01-08T05:11:13	CVE Modified Date	updated
2023-01-08 05:21:05	Received	Awaiting Analysis	Vulnerability Status	updated
2023-01-08 05:21:08			CVSS V3 information	new
2023-01-10 14:18:36	Awaiting Analysis	Undergoing Analysis	Vulnerability Status	updated
2023-01-10 14:18:39			CVSS V3 information	new
2023-01-12 15:15:45		2023-01-12T15:05:16	CVE Modified Date	updated
2023-01-12 15:15:45	Undergoing Analysis	Analyzed	Vulnerability Status	updated
2023-01-12 15:15:48			CPE Information	updated
2023-01-12 15:15:48			CVSS V3 information	new