add go/github.com/usememos/memos/CVE-2023-0108.yml to branch

go/github.com/usememos/memos/CVE-2023-0108.yml

+---
+identifier: "CVE-2023-0108"
+identifiers:
+- "GHSA-fpjc-cxr6-w6h8"
+- "CVE-2023-0108"
+package_slug: "go/github.com/usememos/memos"
+title: "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')"
+description: "Cross-site Scripting (XSS) - Stored in GitHub repository usememos/memos
+  prior to 0.10.0."
+date: "2023-01-09"
+pubdate: "2023-01-07"
+affected_range: "<v0.10.0"
+fixed_versions:
+- "v0.10.0"
+affected_versions: "All versions before 0.10.0"
+not_impacted: "All versions starting from 0.10.0"
+solution: "Upgrade to version 0.10.0 or above."
+urls:
+- "https://nvd.nist.gov/vuln/detail/CVE-2023-0108"
+- "https://github.com/usememos/memos/commit/46c13a4b7f675b92d297df6dabb4441f13c7cd9c"
+- "https://huntr.dev/bounties/f66d33df-6588-4ab4-80a0-847451517944"
+- "https://github.com/advisories/GHSA-fpjc-cxr6-w6h8"
+uuid: "27c601f3-e910-4d3d-a1ee-6db640ef4c27"
+cwe_ids:
+- "CWE-1035"
+- "CWE-79"
+- "CWE-79"
+- "CWE-937"
+versions:
+- number: "v0.10.0"
+  commit:
+    tags:
+    - "v0.10.0"
+    sha: "936927f5bce2e6ffb96445871e6177a095bfd4ed"
+    timestamp: "20230107044616"