Lucene search
K

4 matches found

Nuclei
Nuclei
added 2026/02/04 7:0 a.m.10 views

Memos 0.13.2 - Cross-Site Scripting & SSRF

An SSRF vulnerability exists at the /o/get/image that allows unauthenticated users to enumerate the internal network and retrieve images. The response from the image request is then copied into the response of the current server request, causing a reflected XSS vulnerability. id: CVE-2024-29029...

6.1CVSS5.9AI score0.0108EPSS
Exploits1References2
RedhatCVE
RedhatCVE
added 2025/05/23 10:13 a.m.5 views

CVE-2024-29029

memos is a privacy-first, lightweight note-taking service. In memos 0.13.2, an SSRF vulnerability exists at the /o/get/image that allows unauthenticated users to enumerate the internal network and retrieve images. The response from the image request is then copied into the response of the current...

6.1CVSS6AI score0.0108EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2024/04/19 3:14 p.m.12 views

CVE-2024-29029 memos vulnerable to an SSRF in /o/get/image

memos is a privacy-first, lightweight note-taking service. In memos 0.13.2, an SSRF vulnerability exists at the /o/get/image that allows unauthenticated users to enumerate the internal network and retrieve images. The response from the image request is then copied into the response of the current...

6.1CVSS6AI score0.0108EPSS
Exploits1References3
Cvelist
Cvelist
added 2024/04/19 3:14 p.m.35 views

CVE-2024-29029 memos vulnerable to an SSRF in /o/get/image

memos is a privacy-first, lightweight note-taking service. In memos 0.13.2, an SSRF vulnerability exists at the /o/get/image that allows unauthenticated users to enumerate the internal network and retrieve images. The response from the image request is then copied into the response of the current...

6.1CVSS6.2AI score0.0108EPSS
Exploits1References3
Rows per page
Query Builder