API Security Blog

Cross-Site Request Forgery (CSRF)

github.com/usememos/memos is vulnerable to cross-site request forgery. An attacker is able to force a change of password and/or other personal information on a user's behalf through the `shortcut` API, due to improper verification of the source of a communication channel.
