A server-side request forgery vulnerability in OpenAI's chatbot infrastructure can allow attackers to direct users to malicious URLs, leading to a range of threat activity. Attackers are actively exploiting a flaw in ChatGPT that allows them to redirect users to malicious URLs from within the artificial intelligence (AI) chatbot application, with more than 10,000 exploit attempts in a week coming from a single malicious IP address.
Researchers from Veriti discovered the vulnerability in OpenAI’