Critical ChatGPT Plugin Vulnerabilities Expose Sensitive Data
March 13, 2024 at 08:07AM Security researchers at Salt Labs discovered three critical vulnerabilities in the ChatGPT extension, potentially exposing users’ accounts and services to unauthorized access. The first vulnerability occurs during plugin installation, allowing malicious code approval. The second vulnerability lacks proper user authentication, enabling account takeovers. The third vulnerability allows for OAuth redirection … Read more