Security
Headlines
HeadlinesLatestCVEs

Headline

GHSA-w57v-6xp4-rm2v: usememos/memos vulnerable to account takeover due to improper access control

usememos/memos is an open-source, self-hosted memo hub with knowledge management and socialization. Versions prior to 0.9.0 improperly maintain access control allowing an attacker to take over an account by changing header values in the HTTP request.

ghsa
#git#perl

usememos/memos vulnerable to account takeover due to improper access control

High severity GitHub Reviewed Published Dec 23, 2022 • Updated Dec 27, 2022

Related news

CVE-2022-4689

Improper Access Control in GitHub repository usememos/memos prior to 0.9.0.

ghsa: Latest News

GHSA-mqf3-qpc3-g26q: Silverstripe Framework has a Reflected Cross Site Scripting (XSS) in error message