Home
Description
Cross site scripting (XSS) vulnerability in Kotaemon 0.11.0 allowing attackers to execute arbitrary code via a crafted PDF.
References
github.com/Cinnamon/kotaemon/commit/37cdc28
skinny-exoplanet-584.notion.site/...bd3380458588eb49f361a363
github.com/HanTul/Kotaemon-CVE-2025-56526-56527-disclosure
harvest-sink-590.notion.site/...70c3fe1e80f6a1aef381fb1c8f73
