github.com/usememos/memos is vulnerable to improper access control. A remote attacker is able to modify the usernames and email addresses of other users and thereby take over their accounts via the vulnerable user
endpoint.
CPE | Name | Operator | Version |
---|---|---|---|
github.com/usememos/memos | le | v0.9.0 | |
github.com/usememos/memos | le | v0.9.0 |