CVE-2022-4850: Cross-Site Request Forgery (CSRF) in usememos/memos
First published: Thu Dec 29 2022(Updated: )
Cross-Site Request Forgery (CSRF) in GitHub repository usememos/memos prior to 0.9.1.
Credit: security@huntr.dev security@huntr.dev
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Usememos Memos | <0.9.1 | |
| <0.9.1 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the vulnerability ID for this CSRF vulnerability?
The vulnerability ID for this CSRF vulnerability is CVE-2022-4850.
What is the severity of CVE-2022-4850?
The severity of CVE-2022-4850 is medium with a severity score of 6.5.
What is the affected software for CVE-2022-4850?
The affected software for CVE-2022-4850 is Usememos Memos version up to 0.9.1.
How can I fix CVE-2022-4850?
To fix CVE-2022-4850, update the Usememos Memos repository to version 0.9.1 or above.
What is the Common Weakness Enumeration (CWE) ID for CVE-2022-4850?
The Common Weakness Enumeration (CWE) ID for CVE-2022-4850 is CWE-352.
- collector/nvd-index
- agent/references
- agent/type
- agent/remedy
- collector/mitre-cve
- source/MITRE
- agent/severity
- agent/title
- agent/weakness
- agent/description
- agent/first-publish-date
- collector/nvd-api
- source/NVD
- agent/software-canonical-lookup
- agent/last-modified-date
- agent/author
- agent/softwarecombine
- agent/tags
- agent/event
- vendor/usememos
- canonical/usememos memos