| Título | assafelovic gpt-researcher 3.4.3 Stored Cross-Site Scripting (XSS) |
|---|
| Descrição | GPT Researcher v3.4.3 and earlier versions are vulnerable to Stored Cross-Site Scripting (XSS) through the unauthenticated Report API. An attacker can inject arbitrary HTML and JavaScript into research reports via `POST /api/reports` or `PUT /api/reports/{id}` without authentication. The injected payload is stored server-side and rendered unsanitized in the NextJS frontend when any user navigates to the report URL (`/research/{id}`). The NextJS frontend uses `remark-html` with `sanitize: false` and renders the output via React's `dangerouslySetInnerHTML`, executing the attacker's JavaScript in the victim's browser. |
|---|
| Fonte | ⚠️ https://github.com/assafelovic/gpt-researcher/issues/1693 |
|---|
| Utilizador | Yu-Bao (UID 96702) |
|---|
| Submissão | 23/03/2026 03h23 (há 26 dias) |
|---|
| Moderação | 05/04/2026 21h12 (14 days later) |
|---|
| Estado | Aceite |
|---|
| Entrada VulDB | 355418 [assafelovic gpt-researcher até 3.4.3 Report API backend/server/app.py Script de Site Cruzado] |
|---|
| Pontos | 20 |
|---|