EPSS
Percentile
30.7%
github.com/usememos/memos is vulnerable to cross-site request forgery. An attacker is able to add new members, via user API by exploiting the CSRF issue.
user
github.com/advisories/GHSA-cwrm-33qq-4w2x
github.com/usememos/memos/commit/c9bb2b785dc5852655405d5c9ab127a2d5aa3948
github.com/usememos/memos/pull/876
huntr.dev/bounties/38c685fc-7065-472d-a46e-e26bf0b556d3
huntr.dev/bounties/38c685fc-7065-472d-a46e-e26bf0b556d3/