6 matches found
EUVD-2024-2558
Malicious code in bioql PyPI...
EUVD-2023-30030
Malicious code in bioql PyPI...
CVE-2024-43396
Khoj is an application that creates personal AI agents. The Automation feature allows a user to insert arbitrary HTML inside the task instructions, resulting in a Stored XSS. The q parameter for the /api/automation endpoint does not get correctly sanitized when rendered on the page, resulting in...
CVE-2023-26205
An improper access control vulnerability CWE-284 in FortiADC automation feature 7.1.0 through 7.1.2, 7.0 all versions, 6.2 all versions, 6.1 all versions may allow an authenticated low-privileged attacker to escalate their privileges to superadmin via a specific crafted configuration of fabric...
CVE-2024-43396
Khoj is an application that creates personal AI agents. The Automation feature allows a user to insert arbitrary HTML inside the task instructions, resulting in a Stored XSS. The q parameter for the /api/automation endpoint does not get correctly sanitized when rendered on the page, resulting in...
CVE-2023-26205
An improper access control vulnerability CWE-284 in FortiADC automation feature 7.1.0 through 7.1.2, 7.0 all versions, 6.2 all versions, 6.1 all versions may allow an authenticated low-privileged attacker to escalate their privileges to superadmin via a specific crafted configuration of fabric...