| Title | assafelovic gpt-researcher 3.4.3 Unauthenticated Server-Side Request Forgery (SSRF) |
|---|---|
| Description | GPT Researcher v3.4.3 and earlier versions are vulnerable to unauthenticated Server-Side Request Forgery (SSRF) via the WebSocket /ws endpoint. An attacker can supply arbitrary URLs in the source_urls parameter of a WebSocket start command, causing the server to make HTTP requests to attacker-specified internal or external hosts without any URL validation, scheme restriction, or IP address filtering. The scraped content is returned to the attacker through the research report output, making this a full-read SSRF. No authentication is required to exploit this vulnerability. |
| Source | https://github.com/assafelovic/gpt-researcher/issues/1696 |
| User | Yu-Bao (UID 96702) |
| Submission | 03/23/2026 04:19 (19 days ago) |
| Moderation | 04/05/2026 21:13 (14 days later) |
| Status | Accepted |
| VulDB entry | 355421 [assafelovic gpt-researcher up to 3.4.3 ws Endpoint source_urls server-side request forgery] |
| Points | 20 |