Assafelovic GPT-Researcher WebSocket Interface Reflected Cross-Site Scripting Vulnerability

A reflected cross-site scripting vulnerability has been identified in Assafelovic GPT-Researcher versions through 3.4.3. The issue arises in the WebSocket interface, specifically within the 'gpt_researcher/skills/researcher.py' file. When a user submits a research task containing HTML or JavaScript, the backend processes this input without proper sanitization. The unsanitized task name is then included in WebSocket log messages, which the lightweight frontend renders using 'innerHTML'. This lack of sanitization allows the injected script to execute in the user's browser. The vulnerability can be exploited remotely, without authentication, but requires user interaction.

Impact

Exploitation of this vulnerability leads to reflected cross-site scripting, where injected scripts are executed in the context of the user's browser. This could allow for session hijacking or other malicious actions that a user could perform.

Reproduction

To reproduce this vulnerability, send a WebSocket message through the 'logs' channel that includes an unsanitized task name with embedded HTML or JavaScript, such as an image tag with an 'onerror' event. The frontend will render this input as raw HTML, executing the script in the user's browser.

Remediation

The vulnerability can be fixed by properly sanitizing the task input before it is included in log messages. This can be done by escaping HTML characters to prevent the execution of scripts.