EPSS
Percentile
41.3%
github.com/usememos/memos is vulnerable to authorization bypass. The vulnerability exists due to a lack of validation in authentication, which allows an attacker to modify the nickname, username and email without proper permissions.
github.com/advisories/GHSA-vwg4-846x-f94v
github.com/usememos/memos/commit/dca35bde877aab6e64ef51b52e590b5d48f692f9
github.com/usememos/memos/pull/831
huntr.dev/bounties/23856e7e-94ff-4dee-97d0-0cd47e9b8ff6