TLDR: A XSS vulnerability has been patched. We investigated and found no known affected users or recommended actions for Gentrace users.

What happened

On Friday Jan 26th at 2:59 PM PT, a Gentrace customer reported that a security consultant for their company had discovered a cross-site scripting (XSS) vulnerability in Gentrace.

This vulnerability occurred when unsanitized text was rendered in the OpenAI inputs and outputs blocks in the Gentrace UI when rendering OpenAI LLM calls. This happened because we use Mustache to interpolate any contentInputs into the contentTemplate and/or content from our SDK. Mustache sanitizes the inputs, but does not sanitize the template automatically.

Gentrace response

Fix

On Sunday Jan 28th at 11:57 AM PT, we deployed a fix for this issue by escaping the content / content template before rendering in Mustache.

Investigation

We developed and ran scripts to scan our production database for XSS vectors. We did not get any hits outside of the customer who reported the issue, and the hits on that customer were found to be the benign examples conducted by the security researcher.

Preventing recurrence

Out of an abundance of caution, we also audited the entire codebase to ensure that all content with a user-generated component passed to React's dangerouslySetInnerHTML is wrapped in a DOMPurify call, which will prevent accidental XSS issues from arising in the future. This includes the Mustache rendered OpenAI content and any other LLM content.

To make this part of our PR process, we also implemented the react/no-danger eslint error, which will prevent PR checks from passing when using React dangerouslySetHTML unless reviewed for safety.

Gentrace takes your security very safely. Please reach out to us if there are other best-practice actions you'd recommend that we take.

Customer actions

Because the vulnerability was fixed and no users were found to be affected, we do not recommend any actions be taken by our customers.