CVE-2024-12871

Name of the Vulnerable Software and Affected Versions infiniflow/ragflow version 0.12.0

Description The issue allows an attacker to upload a malicious PDF file to the knowledge base. When the file is viewed within Ragflow, the payload is executed in the context of the user's browser. This can lead to session hijacking, data exfiltration, or unauthorized actions performed on behalf of the victim, compromising sensitive user data and affecting the integrity of the entire application.

Recommendations For infiniflow/ragflow version 0.12.0, consider disabling the ability to upload PDF files to the knowledge base until a patch is available. Restrict access to the knowledge base to minimize the risk of exploitation. Avoid viewing untrusted PDF files within Ragflow to prevent potential payload execution.