github.com/usememos/memos is vulnerable to improper authentication. The vulnerability allows a remote attacker to use the `Reset` API on any user without consent via IDOR.Read More