github.com/usememos/memos is vulnerable to cross-site request forgery. The vulnerability exists in an incorrectly specified destination in a communication channel which allows an attacker to change the language for other users, via user_setting
API forcing a change of password and/or other personal information.
CPE | Name | Operator | Version |
---|---|---|---|
github.com/usememos/memos | le | v0.9.0 | |
github.com/usememos/memos | le | v0.9.0 |