EPSS
Percentile
30.4%
github.com/usememos/memos is vulnerable to cross-site request forgery. An attacker is able to send a malicious link via the memo API to the victim and when they click on it, any thoughts will be added.
memo
github.com/advisories/GHSA-gw9m-2m5v-c6x5
github.com/usememos/memos/commit/c9bb2b785dc5852655405d5c9ab127a2d5aa3948
github.com/usememos/memos/pull/876
huntr.dev/bounties/075dbd51-b078-436c-9e3d-7f25cd2e7e1b
huntr.dev/bounties/075dbd51-b078-436c-9e3d-7f25cd2e7e1b/