| Título | assafelovic gpt-researcher 3.4.3 Stored Cross-Site Scripting (XSS) |
|---|
| Descripción | GPT Researcher v3.4.3 and earlier versions are vulnerable to Stored Cross-Site Scripting (XSS) through the unauthenticated Report API. An attacker can inject arbitrary HTML and JavaScript into research reports via `POST /api/reports` or `PUT /api/reports/{id}` without authentication. The injected payload is stored server-side and rendered unsanitized in the NextJS frontend when any user navigates to the report URL (`/research/{id}`). The NextJS frontend uses `remark-html` with `sanitize: false` and renders the output via React's `dangerouslySetInnerHTML`, executing the attacker's JavaScript in the victim's browser. |
|---|
| Fuente | ⚠️ https://github.com/assafelovic/gpt-researcher/issues/1693 |
|---|
| Usuario | Yu-Bao (UID 96702) |
|---|
| Sumisión | 2026-03-23 03:23 (hace 1 mes) |
|---|
| Moderación | 2026-04-05 21:12 (14 days later) |
|---|
| Estado | Aceptado |
|---|
| Entrada de VulDB | 355418 [assafelovic gpt-researcher hasta 3.4.3 Report API backend/server/app.py secuencias de comandos en sitios cruzados] |
|---|
| Puntos | 20 |
|---|