Khoj Vulnerable to Stored Cross-site Scripting In Automate (Preview feature)
The Automation feature allows a user to insert arbitrary HTML inside the task instructions, resulting in a Stored XSS.
Advisories for Pypi/Khoj package
2024
The Automation feature allows a user to insert arbitrary HTML inside the task instructions, resulting in a Stored XSS.