CVE-2023-0111

CVSS V2 None CVSS V3 None

Description

Cross-site Scripting (XSS) - Stored in GitHub repository usememos/memos prior to 0.10.0.

Overview

CVE ID
CVE-2023-0111

Assigner
security@huntr.dev

Vulnerability Status
Analyzed

Published Version
2023-01-07T04:15:08

Last Modified Date
2023-01-12T15:05:27

Weakness Enumerations

CWE	URL
CWE-79	http://cwe.mitre.org/data/definitions/79.html

CPE Configuration (Product)

CPE	Vulnerable	Operator	Version Start	Version End
cpe:2.3:a:usememos:memos::::::::	1	OR		0.10.0

References

Reference URL	Reference Tags
https://github.com/usememos/memos/commit/46c13a4b7f675b92d297df6dabb4441f13c7cd9c
https://huntr.dev/bounties/70da256c-977a-487e-8a6a-9ae22caedbe3

Sources

Source Name	Source URL
NIST	https://nvd.nist.gov/vuln/detail/CVE-2023-0111
MITRE	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-0111

History

Created	Old Value	New Value	Data Type	Notes
2023-01-07 04:38:41				Added to TrackCVE
2023-01-07 04:38:42			Weakness Enumeration	new
2023-01-08 05:21:06		2023-01-08T05:11:13	CVE Modified Date	updated
2023-01-08 05:21:06	Received	Awaiting Analysis	Vulnerability Status	updated
2023-01-08 05:21:10			CVSS V3 information	new
2023-01-10 14:18:37	Awaiting Analysis	Undergoing Analysis	Vulnerability Status	updated
2023-01-10 14:18:41			CVSS V3 information	new
2023-01-12 15:15:45		2023-01-12T15:05:27	CVE Modified Date	updated
2023-01-12 15:15:45	Undergoing Analysis	Analyzed	Vulnerability Status	updated
2023-01-12 15:15:49			CPE Information	updated
2023-01-12 15:15:49			CVSS V3 information	new