Approved changes feed: RSS · Atom

cpe:2.3:a:n/a:github.com/usememos/memos/server:*:*:*:*:*:*:*:*

part: a version: * update: *

VendorN/A (22f567d3-1203-528c-8f0e-3eb9c2f6ca78)
ProductGithub.Com/Usememos/Memos/Server (70a4a0f8-0ba9-5375-80e6-f2ef81700e27)
Edition*
Language*
Software edition*
Target software*
Target hardware*
Other*
NotesImported from gcve-enriched-dumps CVE data

PURL mappings

PURLSourceLast updated
No PURL mappings for this CPE yet.

Vulnerability references

IdentifiercpeApplicabilitySubmitteddb.gcve.eu detailsRationale
CVE:CVE-2022-25978 vulnerable 2026-06-08 05:41:49.804730 Details available
MEDIUM (5.4)
All versions of the package github.com/usememos/memos/server are vulnerable to Cross-site Scripting (XSS) due to insufficient checks on external resources, which allows malicious actors to introduce links starting with a javascript: scheme.
Published: 2023-02-15T05:00:01.227Z
Updated: 2025-03-18T15:45:00.654Z
Reference links
Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.