CVE-2024-29030 | usememos up to 0.13.2 /api/resource server-side request forgery (GHSL-2023-154)

Posted by Angelo Barbosa | Apr 19, 2024 | CVE

A vulnerability was found in usememos memos up to 0.13.2. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /api/resource. The manipulation leads to server-side request forgery.

This vulnerability is known as CVE-2024-29030. The attack can be launched remotely. There is no exploit available.

It is recommended to apply a patch to fix this issue.

CVE-2024-29030 | usememos up to 0.13.2 /api/resource server-side request forgery (GHSL-2023-154)

Related Posts

CVE-2024-7420 | Insert PHP Code Snippet Plugin up to 1.3.6 on WordPress cross-site request forgery

CVE-2023-6893 | Hikvision Intercom Broadcasting System 3.0.3_20201113_RELEASE(HIK) /php/exportrecord.php downname path traversal

CVE-2024-34211 | Totolink CP450 4.1.0cu.747_B20191224 /etc/shadow.sample hard-coded password

CVE-2024-42681 | Xuxueli XXL-Job 2.4.1 Sub-Task ID permission (Issue 3516)