[github.com/usememos/memos] usememos/memos Improper Access Control vulnerability

In usememos/memos 0.9.0 and prior, users can edit and delete all other users’ shortcuts.

References

• https://nvd.nist.gov/vuln/detail/CVE-2022-4807
• https://github.com/usememos/memos/commit/3556ae4e651d9443dc3bb8a170dd3cc726517a53
• https://huntr.dev/bounties/704c9ed7-2120-47ea-aaf0-5fdcbd492954
• https://github.com/advisories/GHSA-gfj4-wg89-m22r