What happened
On Friday Jan 26th at 2:59 PM PT, a Gentrace customer reported that a security consultant for their company had discovered a cross-site scripting (XSS) vulnerability in Gentrace.
This vulnerability occurred when unsanitized text was rendered in the OpenAI inputs and outputs blocks of the Gentrace UI while displaying OpenAI LLM calls. It happened because we use Mustache to interpolate any contentInputs into the contentTemplate and/or content from our SDK. Mustache sanitizes the inputs, but does not automatically sanitize the template.
Gentrace response
Fix
On Sunday Jan 28th at 11:57 AM PT, we deployed a fix for this issue by escaping the content / content template before rendering in Mustache.
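The gap described under "What happened" and the escaping fix above, shown as an added example that is not Gentrace's code: renderMustacheLike is a simplified stand-in for Mustache's {{name}} interpolation, and the function names, template and inputs are constructed for illustration.

```javascript
// Simplified stand-in for Mustache's {{name}} tags (assumption: only
// double-brace variables are supported, and their values are HTML-escaped).
const HTML_ESCAPES = { "&": "&amp;", "<": "&lt;", ">": "&gt;", '"': "&quot;", "'": "&#39;" };

function escapeHtml(text) {
  return String(text).replace(/[&<>"']/g, (ch) => HTML_ESCAPES[ch]);
}

function renderMustacheLike(template, inputs) {
  return template.replace(/\{\{\s*(\w+)\s*\}\}/g, (_match, key) =>
    Object.prototype.hasOwnProperty.call(inputs, key) ? escapeHtml(inputs[key]) : ""
  );
}

// Before: only interpolated values are escaped; markup in the template
// itself reaches the HTML sink unchanged.
function renderUnsafe(contentTemplate, contentInputs) {
  return renderMustacheLike(contentTemplate, contentInputs);
}

// After: escape the template first. escapeHtml leaves "{" and "}" alone, so
// the {{name}} tags still resolve, and each value is escaped exactly once.
function renderEscaped(contentTemplate, contentInputs) {
  return renderMustacheLike(escapeHtml(contentTemplate), contentInputs);
}

// Constructed sample: both fields are caller-controlled and both carry markup.
const sampleTemplate = "Summarize {{doc}} <img src=x onerror=alert(1)>";
const sampleInputs = { doc: "<script>alert(2)</script>" };

function demo() {
  return {
    before: renderUnsafe(sampleTemplate, sampleInputs),
    after: renderEscaped(sampleTemplate, sampleInputs),
  };
}

console.log(demo());
```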
Investigation
We developed and ran scripts to scan our production database for XSS vectors. We did not get any hits outside of the customer who reported the issue, and the hits on that customer were found to be benign examples created by the security researcher.
Preventing recurrence
Out of an abundance of caution, we also audited the entire codebase to ensure that all content with a user-generated component passed to React's dangerouslySetInnerHTML is wrapped in a DOMPurify call, which will prevent accidental XSS issues from arising in the future. This includes the Mustache-rendered OpenAI content and any other LLM content.
To make this part of our PR process, we also enabled the react/no-danger ESLint rule as an error, which prevents PR checks from passing when React's dangerouslySetInnerHTML is used, unless the usage has been reviewed for safety.
Gentrace takes your security very seriously. Please reach out to us if there are other best-practice actions you'd recommend that we take.
Customer actions
Because the vulnerability was fixed and no users were found to be affected, we do not recommend any actions be taken by our customers.