GSA_kwCzR0hTQS0yZzdyLTl4cTUtYzZods4AA167

High EPSS: 0.0006% (0.19036 Percentile) EPSS:

Permalink JSON

Cross-Site Request Forgery (CSRF) in usememos/memos

Affected Packages	Affected Versions	Fixed Versions
go:github.com/usememos/memos	< 0.15.1	0.15.1
0 Dependent packages 0 Dependent repositories Affected Version Ranges All affected versions 0.0.1, 0.1.0, 0.1.1, 0.1.2, 0.1.3, 0.2.0, 0.2.1, 0.2.2, 0.3.0, 0.3.1, 0.4.0, 0.4.1, 0.4.2, 0.4.3, 0.4.4, 0.4.5, 0.5.0, 0.6.0, 0.6.1, 0.7.0, 0.7.1, 0.7.2, 0.7.3, 0.8.0, 0.8.1, 0.8.2, 0.8.3, 0.9.0, 0.9.1, 0.10.0, 0.10.1, 0.10.2, 0.10.3, 0.11.0, 0.11.1, 0.11.2, 0.12.0, 0.12.1, 0.12.2, 0.13.0, 0.13.1, 0.13.2, 0.14.0, 0.14.1, 0.14.2, 0.14.3, 0.14.4, 0.15.0 All unaffected versions 0.15.1, 0.15.2, 0.16.0, 0.16.1, 0.17.0, 0.17.1, 0.18.0, 0.18.1, 0.18.2, 0.19.0, 0.19.1, 0.20.0, 0.20.1, 0.21.0, 0.21.1, 0.22.0, 0.22.1, 0.22.2, 0.22.3, 0.22.4, 0.22.5, 0.23.0, 0.23.1, 0.24.0, 0.24.1, 0.24.2, 0.24.3, 0.24.4, 0.25.0

Cross-Site Request Forgery (CSRF) in GitHub repository usememos/memos prior to 0.15.1.

References:

Identifiers

GHSA-2g7r-9xq5-c6hv

CVE-2023-5036

Risk

Severity

High

EPSS

EPSS Percentage: 0.0006

EPSS Percentile: 0.19036

Classification

General

Source

GitHub Advisory Database

Origin

Unspecified

Repository

https://github.com/usememos/memos

Date and time

Published

almost 2 years ago

Updated

over 1 year ago

API

JSON

ecosyste.ms

Data

Tools

Indexes

Applications

Experiments

Advisories