EPSS
Percentile
31.0%
github.com/usememos/memos is vulnerable to information disclosure. The vulnerability exists in multiple functions because of missing secure cookie attribute which allows an attacker to send an unencrypted request over the HTTP protocol.
github.com/usememos/memos/commit/7efa749c6628c75b19a912ca170529f5c293bb2e
github.com/usememos/memos/pull/828
huntr.dev/bounties/84973f6b-739a-4d7e-8757-fc58cbbaf6ef
huntr.dev/bounties/84973f6b-739a-4d7e-8757-fc58cbbaf6ef/