PT-2024-30556
Name of the Vulnerable Software and Affected Versions Khoj versions prior to 1.15.0 Description The Automation feature in Khoj allows users to insert arbitrary HTML inside task instructions, resulting in a Stored XSS. The q parameter for the "/api/automation" endpoint does not get correctly...