What is the vulnerability ID for this issue?

The vulnerability ID for this issue is CVE-2023-5036.

What is the severity of CVE-2023-5036?

The severity of CVE-2023-5036 is high.

Which software versions are affected by CVE-2023-5036?

The versions of GitHub repository usememos/memos prior to 0.15.1 are affected by CVE-2023-5036.

What is Cross-Site Request Forgery (CSRF)?

Cross-Site Request Forgery (CSRF) is a type of security vulnerability that allows an attacker to manipulate requests performed by a victim user in their web browser.

How do I fix CVE-2023-5036?

To fix CVE-2023-5036, update your GitHub repository usememos/memos to version 0.15.1 or higher.

vuln-group

CVE-2023-5036

Severity: high (8.8)

First published: Mon Sep 18 2023

Last modified: Wed Sep 20 2023

CWE: 352

Cross-Site Request Forgery (CSRF) in GitHub repository usememos/memos prior to 0.15.1.

Any of

go/github.com/usememos/memos
<0.15.1
fixed in: 0.15.1
Usememos Memos
<0.15.1

FAQ

What is the vulnerability ID for this issue?
The vulnerability ID for this issue is CVE-2023-5036.
What is the severity of CVE-2023-5036?
The severity of CVE-2023-5036 is high.
Which software versions are affected by CVE-2023-5036?
The versions of GitHub repository usememos/memos prior to 0.15.1 are affected by CVE-2023-5036.
What is Cross-Site Request Forgery (CSRF)?
Cross-Site Request Forgery (CSRF) is a type of security vulnerability that allows an attacker to manipulate requests performed by a victim user in their web browser.
How do I fix CVE-2023-5036?
To fix CVE-2023-5036, update your GitHub repository usememos/memos to version 0.15.1 or higher.