Lucene search
Veracode Vulnerability DatabaseVERACODE:38665HistoryDec 27, 2022 - 6:52 a.m.
Improper Access Control
2022-12-2706:52:25
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
9
improper access control
insecure direct object references
change password vulnerability
user actions
EPSS
0.001
Percentile
37.0%
github.com/usememos/memos is vulnerable to improper access control. The vulnerability exists in multiple functions due to insecure direct object references which allows an attacker to perform actions on a user’s behalf via Change Password feature.
Related
cve
cve
CVE-2022-4684
2022-12-23 12:15:10
cvelist
cvelist
CVE-2022-4684 Improper Access Control in usememos/memos
2022-12-23 00:00:00
nvd
nvd
CVE-2022-4684
2022-12-23 12:15:10
osv
osv
CVE-2022-4684
2022-12-23 12:15:10
usememos/memos Improper Access Control vulnerability in github.com/usememos/memos
2024-08-21 16:03:59
usememos/memos Improper Access Control vulnerability
2022-12-23 12:30:25
github
github
usememos/memos Improper Access Control vulnerability
2022-12-23 12:30:25
prion
prion
Improper access control
2022-12-23 12:15:00
huntr
huntr
A user can edit private memos from other users
2022-12-21 00:25:44