And.. another OAuth vulnerability – now it's ChatGPT

4 points by DBformore 2 years ago · 1 comment · 1 min read


TLDR:

The state variable that ChatGPT uses in the integration with plugins was not random. Attackers could install a malicious plugin on a victim by sending a link that mimics the last step of the OAuth flow.

The takeaway: If your company has an OAuth, make sure the state parameter is random. That's a common mistake.

https://salt.security/blog/security-flaws-within-chatgpt-extensions-allowed-access-to-accounts-on-third-party-websites-and-sensitive-data
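
The takeaway above, as an added example that is not part of the original post or of the linked write-up: the application starting an OAuth flow mints the state from a CSPRNG, binds it to the user's session, and refuses a callback whose state does not match. The in-memory store, function names and URLs are assumptions made for illustration.

```python
import hmac
import secrets
from urllib.parse import urlencode

# Constructed in-memory store: session_id -> state issued for that session.
# A real application would keep this in its server-side session storage.
PENDING_STATE = {}


def begin_authorization(session_id, authorize_url, client_id, redirect_uri):
    """Start the flow: mint an unguessable state and bind it to this session."""
    state = secrets.token_urlsafe(32)  # 32 bytes from the OS CSPRNG
    PENDING_STATE[session_id] = state
    query = urlencode({
        "response_type": "code",
        "client_id": client_id,
        "redirect_uri": redirect_uri,
        "state": state,
    })
    return f"{authorize_url}?{query}"


def handle_callback(session_id, params):
    """Last step of the flow: accept the code only if state matches this session.

    A link crafted by someone else carries a state this session never issued,
    so it is rejected before the authorization code is exchanged.
    """
    expected = PENDING_STATE.pop(session_id, None)  # single use, fail closed
    received = params.get("state", "")
    if expected is None or not received:
        return False
    # Constant-time comparison; bytes so non-ASCII input cannot raise.
    return hmac.compare_digest(expected.encode(), received.encode())
```
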

MorL 2 years ago

The link is not clickable: https://salt.security/blog/security-flaws-within-chatgpt-ext...
