code injection in node langchain vectorstore #18928

vmsperandio · 2023-11-13T22:05:38Z

vmsperandio
Nov 13, 2023

Good afternoon everybody,
I was able to ingest documents into the database, according to the langchain method below, but the return is an ingestion of malicious code on my page, as shown in the print below. Does anyone else have this vulnerability?

const vectorstore = await SupabaseVectorStore.fromDocuments(
splittedDocuments,
embeddings,
{
client,
tableName: "documents",
queryName: "match_documents",
},
);

[cause]: Error: Error searching for documents: undefined <script type="text/javascript">location.replace("https://malware.opendns.com/?url=MY_PASSWORD.supabase.co%2Frest%2Fv1%2Frpc%2Fmatch_documents&server=nyc4&prefs=&tagging=&nref");</script>

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Supabase

code injection in node langchain vectorstore #18928

{{title}}

{{editor}}'s edit

{{editor}}'s edit

Replies: 0 comments

Select a reply

Supabase

code injection in node langchain vectorstore #18928

vmsperandio Nov 13, 2023

const vectorstore = await SupabaseVectorStore.fromDocuments( splittedDocuments, embeddings, { client, tableName: "documents", queryName: "match_documents", }, );

[cause]: Error: Error searching for documents: undefined <script type="text/javascript">location.replace("https://malware.opendns.com/?url=MY_PASSWORD.supabase.co%2Frest%2Fv1%2Frpc%2Fmatch_documents&server=nyc4&prefs=&tagging=&nref");</script>

Replies: 0 comments

vmsperandio
Nov 13, 2023

const vectorstore = await SupabaseVectorStore.fromDocuments(
splittedDocuments,
embeddings,
{
client,
tableName: "documents",
queryName: "match_documents",
},
);