Cinnamon: >> Kotaemon >> 0.10.6 Security Vulnerabilities
Cross site scripting (XSS) vulnerability in Kotaemon 0.11.0 allowing attackers to execute arbitrary code via a crafted PDF.
CVSS Score
6.1
EPSS Score
0.0
Published
2025-11-18
Plaintext password storage in Kotaemon 0.11.0 in the client's localStorage.
CVSS Score
7.5
EPSS Score
0.0
Published
2025-11-18