WRITEUP #397

Security Flaws within ChatGPT Ecosystem Allowed Access to Accounts On Third-Party Websites and Sensitive Data

AI / LLMAILLMAccount takeoverOAuth

by@AviadCarmel(Aviad Carmel)

Program

OpenAI (ChatGPT)PluginLab.AIKesemAI

Published

Mar 13, 2024

Added to HackDex

Jul 30, 2024

Read Full Writeuphttps://salt.security/blog/security-flaws-within-chatgpt-extensions-allowed-access-to-accounts-on-third-party-websites-and-sensitive-data

▸ RELATED WRITEUPS

Microsoft Copilot: From Prompt Injection to Exfiltration of Personal Information

AI / LLMAI

Google AI Studio: LLM-Powered Data Exfiltration Hits Again! Quickly Fixed.

AI / LLMAI

AI Under Siege: Discovering and Exploiting Vulnerabilities

AI / LLMAI

Jailbreak of Meta AI (Llama -3.1) revealing configuration details

AI / LLMAI

Zeroday on Github Copilot

AI / LLMAI

Built with ❤️ by Shubham Rawat