CVE-2025-56527 | Teknoloji dünyasından en güncel haberleri ve güvenlikle ilgili gelişmeleri takip edin.

Plaintext password storage in Kotaemon 0.11.0 in the client's localStorage.
High CVSS: 7.5

CVE-2025-56527

Plaintext password storage in Kotaemon 0.11.0 in the client's localStorage.
Vendor
Cinnamon
Product
Kotaemon
CWE
CWE-256
Yayın Tarihi
2025-11-18 17:16:04
Güncelleme
2025-12-02 19:37:49
Source Identifier
cve@mitre.org
KEV Date Added
-

Kategoriler

CWE-256 Kotaemon HIGH Cinnamon 2025

Referanslar

https://github.com/Cinnamon/kotaemon https://github.com/Cinnamon/kotaemon/commit/37cdc28 https://github.com/HanTul/Kotaemon-CVE-2025-56526-56527-disclosure https://harvest-sink-590.notion.site/Stored-XSS-via-Unsanitized-PDF-Content-Rendering-and-Plaintext-Credential-Exposure-in-LocalStorage-236770c3fe1e80f6a1aef381fb1c8f73 https://skinny-exoplanet-584.notion.site/Stored-XSS-via-Unsanitized-PDF-Content-Rendering-and-Plaintext-Credential-Exposure-in-LocalStorage-22cd1563bd3380458588eb49f361a363?pvs=74