khoj-assistant@0.11.0 vulnerabilities
khoj-assistant is now khoj
-
latest version
1.21.1.dev5
-
latest non vulnerable version
-
first published
2 years ago
-
latest version published
3 months ago
-
licenses detected
- [0.1.0,1.7.1.dev48)
Direct Vulnerabilities
Known vulnerabilities in the khoj-assistant package. This does not include vulnerabilities belonging to this package’s dependencies.
Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.Vulnerability | Vulnerable Version |
---|---|
khoj-assistant is an An AI copilot for your Second Brain Affected versions of this package are vulnerable to Cross-site Scripting (XSS) via prompt injection, due to accepting unsanitized input in the Obsidian, Desktop, and Web clients. An attacker who can convince a user to index a malicious page or read a page containing malicious instructions or prompts via the How to fix Cross-site Scripting (XSS)? Upgrade |
[,1.13.0)
|
khoj-assistant is an An AI copilot for your Second Brain Affected versions of this package are vulnerable to Open Redirect through the How to fix Open Redirect? Upgrade |
[,1.14.0)
|