PT-2026-30569 · Assafelovic · Assafelovic Gpt-Researcher
Yu-Bao
·
Published
2026-04-06
·
Updated
2026-04-06
·
CVE-2026-5630
CVSS v2.0
5.0
Medium
| Vector | AV:N/AC:L/Au:N/C:N/I:P/A:N |
Name of the Vulnerable Software and Affected Versions
assafelovic gpt-researcher versions up to 3.4.3
Description
A flaw has been identified in the Report API component of assafelovic gpt-researcher, specifically within the file
backend/server/app.py and an unknown function. This issue allows for cross site scripting, potentially exploitable remotely. The exploit has been published.Recommendations
Versions prior to 3.4.4 are recommended.
Exploit
Fix
Code Injection
XSS
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Assafelovic Gpt-Researcher