[github.com/usememos/memos] usememos/memos has Insufficient Granularity of Access Control

An Insufficient Granularity of Access Control in usememos/memos prior to 0.9.0 can allow an attacker to delete a memo from the archives.

References

• https://nvd.nist.gov/vuln/detail/CVE-2022-4813
• https://github.com/usememos/memos/commit/3556ae4e651d9443dc3bb8a170dd3cc726517a53
• https://huntr.dev/bounties/a24b45d8-554b-4131-8ce1-f33bf8cdbacc
• https://github.com/advisories/GHSA-7qpw-2j9m-rw8c