Critical Account Takeover and Privilege Escalation in usememos/memos

Valid

Reported on

Dec 22nd 2022

Description

Critical account takeover and privilege escalation vulnerability allow a low privilege user to take over admin account by using change password functionality.

In a normal user, select change password alt text Change the user ID to 1 as it is the admin account user ID Admin account is taken over immediately

Impact

Low privilege user could take over admin account

Occurrences

user.go L1-L104

We are processing your report and will contact the usememos/memos team within 24 hours. 18 days ago

We have contacted a member of the usememos/memos team and are waiting to hear back 17 days ago

STEVEN validated this vulnerability 17 days ago

mmmmmcheung has been awarded the disclosure bounty

The fix bounty is now up for grabs

The researcher's credibility has increased: +7

STEVEN marked this as fixed in 0.9.0 with commit dca35b 17 days ago

STEVEN has been awarded the fix bounty

This vulnerability has been assigned a CVE

STEVEN published this vulnerability 17 days ago

user.go#L1-L104 has been validated

mmmmmcheung

commented 10 days ago

Researcher

why is this rejected?

to join this conversation