EPSS
Percentile
21.8%
github.com/usememos/memos is vulnerable to improper authorization. Access restriction bypass via the shortcut endpoint allows an attacker to view, modify, and delete other users’ shortcuts.
shortcut
github.com/usememos/memos/commit/3556ae4e651d9443dc3bb8a170dd3cc726517a53
github.com/usememos/memos/pull/870
huntr.dev/bounties/d47d4a94-92e3-4400-b012-a8577cbd7956
huntr.dev/bounties/d47d4a94-92e3-4400-b012-a8577cbd7956/