Khoj Obsidian Vulnerable to Cross Site Scripting (XSS) via Prompt Injection
CVE-2024-25639

7.5HIGH

Key Information:

Vendor: Khoj-ai
Status: Khoj
Vendor: CVE Published:; 8 July 2024

Summary

The Khoj application, known for creating personal AI agents, presents a vulnerability in its Obsidian, Desktop, and Web clients. This vulnerability arises from inadequate sanitization of user inputs and AI model responses, making systems susceptible to Cross Site Scripting (XSS) attacks. Specifically, an attacker could exploit this flaw through prompt injection by leveraging untrusted documents that the user has indexed or documents accessed via the /online command feature. This could lead to unauthorized script execution in the user's browser context. The vulnerability has been addressed in version 1.13.0 of the application.

Affected Version(s)

khoj < 1.13.0

References

https://github.com/khoj-ai/khoj/security/advisories/GHSA-...

x_refsource_CONFIRM

https://github.com/khoj-ai/khoj/commit/1dfd6d7391862d3564...

x_refsource_MISC

CVSS V3.1

Score:

7.5

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

High

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Timeline

Vulnerability published
Jul 8, 2024
Vulnerability Reserved
Feb 8, 2024

Collectors

NVD DatabaseMitre Database