Headline
GHSA-w57v-6xp4-rm2v: usememos/memos vulnerable to account takeover due to improper access control
usememos/memos is an open-source, self-hosted memo hub with knowledge management and socialization. Versions prior to 0.9.0 improperly maintain access control allowing an attacker to take over an account by changing header values in the HTTP request.
usememos/memos vulnerable to account takeover due to improper access control
High severity GitHub Reviewed Published Dec 23, 2022 • Updated Dec 27, 2022
Related news
CVE-2022-4689
Improper Access Control in GitHub repository usememos/memos prior to 0.9.0.