ChatGPT Sensitive Information Disclosure Flaw Abused File Download Mechanism
ID: df61dcf1-db17-5406-be5b-52a9190cf876
STIX ID: report--df61dcf1-db17-5406-be5b-52a9190cf876
Feed Name: Cyber Press
A researcher (zer0dac) discovered and reported a now-patched ChatGPT Code Interpreter vulnerability that used social-engineered prompt sequences to bypass guardrails and a path-retention traversal trick to achieve local file inclusion from the sandbox (demonstrated with /etc/passwd). OpenAI redesigned the download flow to close both the conversational guardrail bypass and the traversal vector; the issue highlights LLM-specific risks where prompt context and dynamic session state can subvert backend validation and enable sensitive information disclosure.
Your team is not currently subscribed to this feed. You must subscribe to it in order to see this post.
