In a recent revelation, security researchers have discovered multiple security vulnerabilities in ChatGPT by OpenAI this could potentially lead to account takeovers by unwitting users.
What happened: According to a report in Imperva on Tuesday, researchers have identified two cross-site scripting (XSS) vulnerabilities and other security issues in ChatGPT. Malicious hackers could exploit these vulnerabilities to take control of a user’s account.
ChatGPT allows users to upload files and query them. The research firm found that the functionality that processes these files and provides a clickable citation icon could be manipulated. Depending on the contents of the file, the ChatGPT feature that handles it could potentially pose a security threat.
See also: OpenAI, closed source? Elon Musk takes aim at Sam Altman after Sora’s AI reveal
However, exploiting this vulnerability is not easy. It requires the user to upload a malicious file, interact with ChatGPT in a way that prompts the user to mention this file, and then click on the mention to trigger the vulnerability.
The research firm reported these vulnerabilities to OpenAI and noted that they were patched by the AI startup “within hours.”
Because matter: This discovery comes in the wake of growing concerns about the use of artificial intelligence tools like ChatGPT in cyberattacks.
At the beginning of February, Microsoft Corp. MSFT and OpenAI revealed that hackers used large language models like ChatGPT to perfect their cyberattacks. In particular, hackers from countries such as Russia, North Korea, Iran and China have been found to be using tools such as ChatGPT to research targets, improve scripts and help develop social engineering techniques.
OpenAI previously launched a $20,000 Bug Bounty initiative to encourage users to find flaws in its AI systems. The recent discovery of vulnerabilities in ChatGPT highlights the importance of such initiatives in ensuring the security of AI systems.
Check out more of Benzinga’s Consumer Tech coverage by following this link.
Read next: Four testicles and meaningless labels: AI derails rat illustration in published scientific paper
Disclaimer: This content was partially produced with help from Benzinga Neuro and was reviewed and published by Benzinga editors.
Photo courtesy: Shutterstock