Back to directory
WRITEUP #470

ChatGPT Account Takeover - Wildcard Web Cache Deception

AI / LLMAILLMWeb cache deceptionAccount takeoverPath traversalURL parsing issue
by@h4r3l(Harel)
Bounty
6,500
Program
OpenAI (ChatGPT)
Published
Feb 4, 2024
Added to HackDex
Feb 6, 2024
Read Full Writeuphttps://nokline.github.io/bugbounty/2024/02/04/ChatGPT-ATO.html
RELATED WRITEUPS
Shelltorch Explained: Multiple Vulnerabilities in Pytorch Model Server (Torchserve) (CVSS 9.9, CVSS 9.8) Walkthrough
AI / LLMAI
Microsoft Copilot: From Prompt Injection to Exfiltration of Personal Information
AI / LLMAI
Google AI Studio: LLM-Powered Data Exfiltration Hits Again! Quickly Fixed.
AI / LLMAI
Jailbreak of Meta AI (Llama -3.1) revealing configuration details
AI / LLMAI
Zeroday on Github Copilot
AI / LLMAI

Built with ❤️ by Shubham Rawat