[github.com/usememos/memos] sememos/memos vulnerable to Improper Handling of Values

In usememos/memos 0.9.0 and prior, an attacker can post malicious content to another user’s memos page via POST request.

References

• https://nvd.nist.gov/vuln/detail/CVE-2022-4851
• https://github.com/usememos/memos/commit/3556ae4e651d9443dc3bb8a170dd3cc726517a53
• https://huntr.dev/bounties/e3cebc1a-1326-4a08-abad-0414a717fa0f
• https://github.com/advisories/GHSA-42q2-m54f-jh95