CVE-2024-43396 | khoj-ai khoj up to 1.14.x Task Instruction /api/automation q cross site scripting (GHSA-cf72-vg59-4j4h)

Posted by Angelo Barbosa | Aug 21, 2024 | CVE

A vulnerability was found in khoj-ai khoj up to 1.14.x and classified as problematic. Affected by this issue is some unknown functionality of the file /api/automation of the component Task Instruction Handler. The manipulation of the argument q leads to cross site scripting.

This vulnerability is handled as CVE-2024-43396. The attack may be launched remotely. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2024-43396 | khoj-ai khoj up to 1.14.x Task Instruction /api/automation q cross site scripting (GHSA-cf72-vg59-4j4h)

Related Posts

CVE-2024-8711 | SourceCodester Food Ordering Management System 1.0 /includes/ exposure of information through directory listing

CVE-2024-4435 | dfinity ic-stable-structures up to 0.6.3 BTreeMap memory leak

CVE-2024-3309 | Qi Addons for Elementor Plugin up to 1.7.0 on WordPress Countdown Widget cross site scripting

CVE-2024-37504 | Ninja Team FileBird Document Library Plugin up to 2.0.6 on WordPress information disclosure