Cross Site Request Forgery in Create a Memo Functionality (POST /api/memo)
# Description
I have discovered a CSRF vulnerability in Memos, in the Create a Memo functionality (POST /api/memo).

An attacker can make an authenticated user's browser perform actions on their behalf by tricking the user into clicking a malicious link or visiting a malicious website while logged into Memos. Because the browser attaches the Memos session cookie to the forged request, the application treats it as the victim's own, which allows the attacker to create memos (and potentially modify them) in the victim's account.

To reproduce the vulnerability, I followed these steps:
1. I logged into the Memos application with a valid account.
2. I created a malicious HTML file containing a form (submitted with `enctype="text/plain"`) that sends a request to the Memos application to create a new memo, with the title and content set to predetermined values:

```html
```

3. I hosted the malicious HTML file on a server I control and shared the link with a victim who was also logged into the Memos application.
4. When the victim opened the link, the form was submitted automatically and a new memo with the predetermined title and content was created in the victim's account, without their knowledge or consent.

I have attached a proof-of-concept HTML file and a video demonstrating the vulnerability to this report.

The Cross-Site Request Forgery (CSRF) vulnerability exists because the application does not validate that the Content-Type of the request is application/json and accepts a JSON body submitted as text/plain. A plain HTML form can only send `application/x-www-form-urlencoded`, `multipart/form-data` or `text/plain`; a JSON body cannot be sent from a form. Because the server decodes the body as JSON regardless of the declared type, an attacker can build a `text/plain` form whose field name and value concatenate into a valid JSON object. Such a form submission is a "simple" request: the browser sends it cross-origin without a CORS preflight and with the victim's session cookie attached, and the application has no CSRF token to detect that the request did not originate from its own pages.

By allowing requests with text/plain as the Content-Type, the application is therefore exposed to CSRF attacks against every JSON endpoint that is reached this way.
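The following Go program is an added illustration of why the text/plain form trick works; it is not the reporter's proof-of-concept and not Memos project code. It encodes a single form field the way a browser encodes `<form enctype="text/plain">` (each field as `name=value` followed by CRLF, with no percent-encoding), then decodes the result exactly as a server that ignores Content-Type would. The `content` field name and the `padding` key are assumptions chosen for the demonstration, not taken from the Memos API.

```go
package main

import (
	"encoding/json"
	"fmt"
	"strings"
)

// Memo mirrors only the one field this example needs; the real body of
// POST /api/memo is assumed here, not copied from the Memos source.
type Memo struct {
	Content string `json:"content"`
}

// textPlainFormBody encodes form fields the way a browser does for
// <form enctype="text/plain">: name, "=", value, then CRLF for each field,
// with no escaping at all. That lack of escaping is what lets JSON
// punctuation reach the server intact.
func textPlainFormBody(fields [][2]string) string {
	var b strings.Builder
	for _, f := range fields {
		b.WriteString(f[0])
		b.WriteString("=")
		b.WriteString(f[1])
		b.WriteString("\r\n")
	}
	return b.String()
}

// forgedMemoBody returns the body the victim's browser sends when the
// attacker's page holds one input whose name is
//   {"content":"<content>","padding":"
// and whose value is
//   "}
// The "=" inserted by the browser lands inside the "padding" string, so the
// concatenation is a syntactically valid JSON object (plus trailing CRLF).
func forgedMemoBody(content string) string {
	quoted, _ := json.Marshal(content) // proper JSON string escaping
	name := `{"content":` + string(quoted) + `,"padding":"`
	value := `"}`
	return textPlainFormBody([][2]string{{name, value}})
}

// parseAsServer does what a handler that decodes JSON without checking
// Content-Type would do. Go's decoder tolerates the trailing CRLF.
func parseAsServer(body string) (Memo, bool) {
	var m Memo
	if err := json.Unmarshal([]byte(body), &m); err != nil {
		return Memo{}, false
	}
	return m, true
}

func main() {
	body := forgedMemoBody("created by CSRF")
	fmt.Printf("wire body: %q\n", body)
	m, ok := parseAsServer(body)
	fmt.Println("decoded:", ok, m.Content)
}
```

The same construction works for any JSON endpoint that reads the body without checking the declared media type; only the field name in the attacker's form changes.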

# Proof of Concept
https://drive.google.com/file/d/10eIE2pXRcVDT1juyGu5_MSmvzgTmj_35/view?usp=sharing

## Remediation
I recommend the following steps to mitigate this vulnerability:
Implement proper CSRF protection, such as including a unique per-session token in all state-changing requests and verifying it on the server side.
The application should also validate the Content-Type of requests to state-changing JSON endpoints and reject anything other than application/json. A browser cannot send that media type from a plain HTML form, and cross-origin fetch/XMLHttpRequest calls with it trigger a CORS preflight that the server can refuse, so this closes the text/plain vector. Checking the Origin (or Sec-Fetch-Site) header on such requests adds a further layer.
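Below is an added Go example of the Content-Type and origin checks recommended above, written against the standard library `net/http`; it is not the Memos project's code (Memos uses its own router and middleware), and `allowedOrigin`, the `memos_session` cookie name and the handler body are assumptions for the demonstration. `sendMemo` drives the guarded handler in-process so the forged text/plain request and a legitimate JSON request can be compared.

```go
package main

import (
	"encoding/json"
	"fmt"
	"mime"
	"net/http"
	"net/http/httptest"
	"strings"
)

// allowedOrigin is the site's own origin; assumed value for this example.
const allowedOrigin = "https://memos.example"

func isMutating(method string) bool {
	switch method {
	case http.MethodPost, http.MethodPut, http.MethodPatch, http.MethodDelete:
		return true
	}
	return false
}

// checkCSRF returns an HTTP status and reason when a request must be
// refused, or 0 when it may proceed. Two independent checks:
//  1. Content-Type must be application/json. A plain <form> cannot send
//     it, and fetch()/XHR cannot send it cross-origin without a preflight.
//  2. If the browser marks the request cross-site (Origin differs or
//     Sec-Fetch-Site is "cross-site"), refuse it regardless of body type.
func checkCSRF(r *http.Request) (int, string) {
	if !isMutating(r.Method) {
		return 0, ""
	}
	mt, _, err := mime.ParseMediaType(r.Header.Get("Content-Type"))
	if err != nil || mt != "application/json" {
		return http.StatusUnsupportedMediaType, "Content-Type must be application/json"
	}
	if o := r.Header.Get("Origin"); o != "" && o != allowedOrigin {
		return http.StatusForbidden, "cross-origin request refused"
	}
	if r.Header.Get("Sec-Fetch-Site") == "cross-site" {
		return http.StatusForbidden, "cross-site request refused"
	}
	return 0, ""
}

// csrfGuard wraps a handler with checkCSRF.
func csrfGuard(next http.Handler) http.Handler {
	return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
		if code, reason := checkCSRF(r); code != 0 {
			http.Error(w, reason, code)
			return
		}
		next.ServeHTTP(w, r)
	})
}

// createMemo stands in for the POST /api/memo handler: decode JSON, and in a
// real server persist it; here it only echoes the content.
func createMemo(w http.ResponseWriter, r *http.Request) {
	var body struct {
		Content string `json:"content"`
	}
	if err := json.NewDecoder(r.Body).Decode(&body); err != nil {
		http.Error(w, "bad json", http.StatusBadRequest)
		return
	}
	fmt.Fprint(w, body.Content)
}

// sendMemo sends one POST /api/memo through the guard with a constructed
// session cookie and returns the response status code.
func sendMemo(contentType, origin, secFetchSite, body string) int {
	req := httptest.NewRequest(http.MethodPost, "/api/memo", strings.NewReader(body))
	req.Header.Set("Cookie", "memos_session=victim") // constructed cookie
	if contentType != "" {
		req.Header.Set("Content-Type", contentType)
	}
	if origin != "" {
		req.Header.Set("Origin", origin)
	}
	if secFetchSite != "" {
		req.Header.Set("Sec-Fetch-Site", secFetchSite)
	}
	rec := httptest.NewRecorder()
	csrfGuard(http.HandlerFunc(createMemo)).ServeHTTP(rec, req)
	return rec.Code
}

func main() {
	forged := "{\"content\":\"created by CSRF\",\"padding\":\"=\"}\r\n"
	fmt.Println("forged text/plain form post:", sendMemo("text/plain", "https://attacker.example", "cross-site", forged))
	fmt.Println("legitimate JSON post:", sendMemo("application/json", allowedOrigin, "same-origin", `{"content":"hello"}`))
}
```

These checks are defence in depth, not a substitute for a per-session CSRF token: they rely on the browser not being able to forge the media type or the Origin and Sec-Fetch-Site headers, and they must be paired with a CORS policy that does not reflect arbitrary origins with credentials.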
