Severity: high (8.8)

First published: Mon Sep 18 2023

Last modified: Wed Sep 20 2023

CWE: 352

Cross-Site Request Forgery (CSRF) in GitHub repository usememos/memos prior to 0.15.1.

Any of

  • go/github.com/usememos/memos
    fixed in: 0.15.1
  • Usememos Memos


  • What is the vulnerability ID for this issue?

    The vulnerability ID for this issue is CVE-2023-5036.

  • What is the severity of CVE-2023-5036?

    The severity of CVE-2023-5036 is high.

  • Which software versions are affected by CVE-2023-5036?

    The versions of GitHub repository usememos/memos prior to 0.15.1 are affected by CVE-2023-5036.

  • What is Cross-Site Request Forgery (CSRF)?

    Cross-Site Request Forgery (CSRF) is a type of security vulnerability that allows an attacker to manipulate requests performed by a victim user in their web browser.

  • How do I fix CVE-2023-5036?

    To fix CVE-2023-5036, update your GitHub repository usememos/memos to version 0.15.1 or higher.

SecAlerts Pty Ltd.
Fortitude Valley,
QLD 4006, Australia
© Copyright 2023 - ABN: 70 645 966 203, ACN: 645 966 203