github.com/usememos/memos is vulnerable to stored cross-site scripting attacks. The vulnerability exists due to improper user-input sanitization, which allows an attacker to create a memo with a malicious payload, resulting in malicious javascript execution.