github.com/usememos/memos is vulnerable to information disclosure. A remote authenticated attacker is able to gain access to confidential user details via the api/status
endpoint, which returns email addresses to unauthorized users.
CPE | Name | Operator | Version |
---|---|---|---|
github.com/usememos/memos | le | v0.9.0 | |
github.com/usememos/memos | le | v0.9.0 |