Lucene search
Veracode Vulnerability DatabaseVERACODE:38715HistoryJan 02, 2023 - 1:37 p.m.
Privilege Escalation
2023-01-0213:37:01
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
2
privilege escalation
role parameter
vulnerability
software
0.001 Low
EPSS
Percentile
34.8%
github.com/usememos/memos is vulnerable to privilege escalation. Improper privilege management due to missing server-side validation on the role parameter allows an attacker to add a new member with the HOST role with all the HOST users privileges.
| CPE | Name | Operator | Version |
|---|---|---|---|
| github.com/usememos/memos | le | v0.9.0 | |
| github.com/usememos/memos | le | v0.9.0 |
Related
osv
osv
usememos/memos Improper Privilege Management vulnerability
2022-12-28 15:30:46
CVE-2022-4808
2022-12-28 14:15:11
prion
prion
Input validation
2022-12-28 14:15:00
cve
cve
CVE-2022-4808
2022-12-28 14:15:11
nvd
nvd
CVE-2022-4808
2022-12-28 14:15:11
github
github
usememos/memos Improper Privilege Management vulnerability
2022-12-28 15:30:46
cvelist
cvelist
CVE-2022-4808 Improper Privilege Management in usememos/memos
2022-12-28 00:00:00
huntr
huntr
Able to assign HOST role to new User
2022-12-27 19:16:30