Lucene search
K

4 matches found

Nuclei
Nuclei
added 19 hours ago21 views

Memos 0.13.2 - Server-Side Request Forgery

SSRF vulnerabilities exist in the memos API service /o/get/httpmeta that allow unauthenticated and authenticated users to enumerate and read from the internal network. In addition, one SSRF vulnerability leads to a reflected XSS vulnerability, which may allow an attacker complete control over the...

5.8CVSS6.2AI score0.01049EPSS
Exploits1References2
Vulnrichment
Vulnrichment
added 2024/04/19 3:14 p.m.13 views

CVE-2024-29028 memos vulnerable to an SSRF in /o/get/httpmeta

memos is a privacy-first, lightweight note-taking service. In memos 0.13.2, an SSRF vulnerability exists at the /o/get/httpmeta that allows unauthenticated users to enumerate the internal network and receive limited html values in json form. This vulnerability is fixed in 0.16.1...

5.8CVSS5.5AI score0.01049EPSS
Exploits1References2
Cvelist
Cvelist
added 2024/04/19 3:14 p.m.33 views

CVE-2024-29028 memos vulnerable to an SSRF in /o/get/httpmeta

memos is a privacy-first, lightweight note-taking service. In memos 0.13.2, an SSRF vulnerability exists at the /o/get/httpmeta that allows unauthenticated users to enumerate the internal network and receive limited html values in json form. This vulnerability is fixed in 0.16.1...

5.8CVSS5.7AI score0.01049EPSS
Exploits1References2
OSV
OSV
added 2024/04/19 3:14 p.m.23 views

CVE-2024-29028 memos vulnerable to an SSRF in /o/get/httpmeta

memos is a privacy-first, lightweight note-taking service. In memos 0.13.2, an SSRF vulnerability exists at the /o/get/httpmeta that allows unauthenticated users to enumerate the internal network and receive limited html values in json form. This vulnerability is fixed in 0.16.1...

5.8CVSS5.7AI score0.01049EPSS
Exploits1References4
Rows per page
Query Builder