
CVE-2022-4734: usememos/memos may leak user information to an authenticated user

CVSS Score: 4.3 (CVSS v3.1)

Basic Information

EPSS Score: 0.25567%
Published: 12/27/2022
Updated: 7/19/2023
KEV Status: No
Technology: Go

Technical Details

CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
Package Name: github.com/usememos/memos
Ecosystem: go
Vulnerable Versions: <= 0.9.0
First Patched Version: 0.9.1

Vulnerability Intelligence

Miggo AI Root Cause Analysis

The vulnerability stems from incomplete data sanitization in system status responses. Commit 05b41804e33a modifies the registerSystemRoutes function in server/system.go to add email field redaction. Before this patch, the OpenID was cleared from the returned host user record but the email was not, so it remained in responses. This function serves the system information endpoints reachable by an authenticated user, which makes it the point of exposure for the leak. The CWE-212 mapping (improper removal of sensitive information before storage or transfer) is consistent with this: the response was built from the full stored record and only partially scrubbed before being sent. Note that the advisory lists names and role among the leaked fields as well, while the change described here blanks only the email (in addition to the already-blanked OpenID); after upgrading to 0.9.1, verify with a low-privileged account that the system status response exposes no more of the host user than the deployment is willing to show.
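The pattern behind this bug, field-by-field blanking of a stored record before returning it, fails silently whenever a new sensitive field is added and nobody updates the blanking code. The Go program below is an added example and is not code from the memos project: the User struct, its field names and the sample record are assumptions made for illustration. It shows the pre-patch redaction (OpenID cleared, email forgotten), the patched redaction (both cleared), and an allow-list projection type that cannot leak by omission, plus a check that inspects the serialized JSON rather than the struct.

```go
package main

import (
	"encoding/json"
	"fmt"
	"strings"
)

// User stands in for a stored account record. The field names are assumptions
// for this example and do not claim to match memos' actual struct.
type User struct {
	ID     int    `json:"id"`
	Name   string `json:"name"`
	Role   string `json:"role"`
	Email  string `json:"email"`
	OpenID string `json:"openId"`
}

// redactBefore reproduces the pre-patch behaviour described in the analysis:
// the OpenID is cleared, but the email is left in place and goes out in the response.
func redactBefore(u User) User {
	u.OpenID = ""
	return u
}

// redactAfter reproduces the patched behaviour: both sensitive fields are blanked.
// It is correct today, but every future sensitive field must be remembered here too.
func redactAfter(u User) User {
	u.OpenID = ""
	u.Email = ""
	return u
}

// PublicUser is an allow-list projection: it can only carry the fields listed,
// so adding a new sensitive column to User cannot leak through it by omission.
type PublicUser struct {
	ID   int    `json:"id"`
	Name string `json:"name"`
	Role string `json:"role"`
}

func toPublic(u User) PublicUser {
	return PublicUser{ID: u.ID, Name: u.Name, Role: u.Role}
}

// leaks reports whether the encoded response body contains any of the given
// secret values. Checking the bytes that actually leave the server, rather than
// struct fields, also catches leaks through embedded structs or custom marshalers.
func leaks(body []byte, secrets ...string) bool {
	s := string(body)
	for _, sec := range secrets {
		if sec != "" && strings.Contains(s, sec) {
			return true
		}
	}
	return false
}

func mustJSON(v any) []byte {
	b, err := json.Marshal(v)
	if err != nil {
		panic(err)
	}
	return b
}

func main() {
	// Constructed sample record; not real data.
	host := User{ID: 1, Name: "host", Role: "HOST", Email: "host@example.com", OpenID: "b5a1f3c0"}

	cases := []struct {
		name string
		body []byte
	}{
		{"before", mustJSON(redactBefore(host))},
		{"after", mustJSON(redactAfter(host))},
		{"allowlist", mustJSON(toPublic(host))},
	}
	for _, c := range cases {
		fmt.Printf("%-9s leaks=%-5v %s\n", c.name, leaks(c.body, host.Email, host.OpenID), c.body)
	}
}
```

A check like leaks is cheap to keep in a handler test: build the response from a fixture record whose secret fields hold recognisable sentinel values, encode it the way the handler does, and assert that none of the sentinels appear in the bytes. That assertion keeps passing when someone adds a field to the projection type, and fails the moment someone starts returning the raw record again.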


WAF Protection Rules

WAF Rule

usememos/memos 0.9.0 and prior has an endpoint that leaks user information like names, email, role, and OpenID to an authenticated user. A patch is available at commit 05b41804e33a on the `main` branch.