AutoGPT WebSocket API Cross-User Data Leakage Vulnerability

A vulnerability in the AutoGPT platform's WebSocket API allows for unintended cross-user sharing of node execution updates. This issue arises because the API transmitted execution updates based on a combination of 'graph_id' and 'graph_version' without verifying the user's ownership of the graph. Consequently, one user could receive execution updates from another user's graph, but only within the same instance of the platform. This vulnerability does not affect single-user instances or private instances with a user whitelist, where the impact is limited to admitted users.

Impact

Exploitation of this vulnerability could lead to unauthorized access to a user's graph execution updates, allowing one user to monitor the execution of another user's graph in real-time.

Remediation

Users can update to AutoGPT Platform version 0.6.1, where this vulnerability has been fixed. Instructions for updating are available on the AutoGPT Releases page.