CVE-2022-4689

Name of the Vulnerable Software and Affected Versions usememos/memos versions prior to 0.9.0

Description The issue is related to improper access control in the usememos/memos GitHub repository, allowing an attacker to take over an account. This is possible by changing header values in the HTTP request. The usememos/memos is an open-source, self-hosted memo hub that provides knowledge management and socialization features.

Recommendations For versions prior to 0.9.0, update to version 0.9.0 or later to resolve the issue. As a temporary workaround, consider restricting access to sensitive features until the update is applied.