Lucene search
Veracode Vulnerability DatabaseVERACODE:38728HistoryJan 02, 2023 - 4:40 p.m.
Improper Authentication
2023-01-0216:40:15
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
6
improper authentication
github.com/usememos/memos
remote attacker
reset api
idor
software
0.002 Low
EPSS
Percentile
54.4%
github.com/usememos/memos is vulnerable to improper authentication. The vulnerability allows a remote attacker to use the Reset API on any user without consent via IDOR.
| CPE | Name | Operator | Version |
|---|---|---|---|
| github.com/usememos/memos | le | v0.9.0 | |
| github.com/usememos/memos | le | v0.9.0 |
Related
cve
cve
CVE-2022-4686
2022-12-23 12:15:11
osv
osv
CVE-2022-4686
2022-12-23 12:15:11
nvd
nvd
CVE-2022-4686
2022-12-23 12:15:11
cvelist
cvelist
huntr
huntr
Reset API any user via IDOR
2022-12-22 17:40:17
prion
prion
Authorization
2022-12-23 12:15:00
github
github