[github.com/usememos/memos] usememos/memos has Insufficient Granularity of Access Control

usememos/memos 0.9.0 and prior allows an attacker to archive any user’s public or private post.

References

• https://nvd.nist.gov/vuln/detail/CVE-2022-4801
• https://github.com/usememos/memos/commit/3556ae4e651d9443dc3bb8a170dd3cc726517a53
• https://huntr.dev/bounties/b0795261-0f97-4f0b-be44-9dc079e01593
• https://github.com/advisories/GHSA-f83p-pg86-p922