Critical severity9.0NVD Advisory· Published Dec 31, 2022· Updated Jun 17, 2026
CVE-2022-4866
CVE-2022-4866
Description
Cross-site Scripting (XSS) - Stored in GitHub repository usememos/memos prior to 0.9.1.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
github.com/usememos/memosGo | < 0.9.1 | 0.9.1 |
Affected products
2- usememos/usememos/memosv5Range: unspecified
Patches
Vulnerability mechanics
References
4- github.com/usememos/memos/commit/7670c9536000bb32c6345d4906a91268dcddd5fcnvdPatchThird Party AdvisoryWEB
- huntr.dev/bounties/39c04778-6228-4f07-bdd4-ab17f246dbffnvdExploitThird Party AdvisoryWEB
- github.com/advisories/GHSA-x9p9-v3x6-68mqghsaADVISORY
- nvd.nist.gov/vuln/detail/CVE-2022-4866ghsaADVISORY
News mentions
0No linked articles in our index yet.