57 matches found
CVE-2024-48145
A prompt injection vulnerability in the chatbox of Netangular Technologies ChatNet AI Version v1.0 allows attackers to access and exfiltrate all previous and subsequent chat data between the user and the AI assistant via a crafted message...
CVE-2024-48140
A prompt injection vulnerability in the chatbox of Butterfly Effect Limited Monica Your AI Copilot powered by ChatGPT4 v6.3.0 allows attackers to access and exfiltrate all previous and subsequent chat data between the user and the AI assistant via a crafted message...
CVE-2024-48142
A prompt injection vulnerability in the chatbox of Butterfly Effect Limited Monica ChatGPT AI Assistant v2.4.0 allows attackers to access and exfiltrate all previous and subsequent chat data between the user and the AI assistant via a crafted message...
Monica 安全漏洞
Monica is an AI assistant from Monica. A security vulnerability exists in Monica version v2.4.0, which stems from a prompt injection in the chat box and allows an attacker to access and steal all previous and subsequent chat data between a user and the AI assistant via a carefully constructed...
Netangular Technologies ChatNet AI 安全漏洞
Netangular Technologies ChatNet AI is an application from Netangular Technologies. A security vulnerability exists in Netangular Technologies ChatNet AI v1.0, which stems from a prompt injection vulnerability in the chat box that allows an attacker to access and disclose data from all previous an...
CVE-2024-48144
A prompt injection vulnerability in the chatbox of Fusion Chat Chat AI Assistant Ask Me Anything v1.2.4.0 allows attackers to access and exfiltrate all previous and subsequent chat data between the user and the AI assistant via a crafted message...
CVE-2024-48140
A prompt injection vulnerability in the chatbox of Butterfly Effect Limited Monica Your AI Copilot powered by ChatGPT4 v6.3.0 allows attackers to access and exfiltrate all previous and subsequent chat data between the user and the AI assistant via a crafted message...
CVE-2024-48145
A prompt injection vulnerability in the chatbox of Netangular Technologies ChatNet AI Version v1.0 allows attackers to access and exfiltrate all previous and subsequent chat data between the user and the AI assistant via a crafted message...
CodeGeeX 安全漏洞
CodeGeeX is an intelligent programming assistant from China-based Smart Spectrum Huazhang CodeGeeX. A security vulnerability exists in CodeGeeX version v2.17.0, which originates from a prompt injection in the chat box, allowing an attacker to access and steal all previous and subsequent chat data...
Fusion Chat AI Assistant 安全漏洞
Fusion Chat AI Assistant is an AI bot from Fusion Chat, Inc. A security vulnerability exists in Fusion Chat AI Assistant version v1.2.4.0, which stems from a prompt injection vulnerability in the chat box that allows an attacker to access and disclose all previous and subsequent chat data between...
CVE-2024-48140
CVE-2024-48140 is described across multiple sources (NVD, Red Hat, CNNVD, CVE lists) as a prompt-injection vulnerability in the chatbox of Butterfly Effect Limited’s Monica Your AI Copilot powered by ChatGPT4 v6.3.0. The concrete detail available is that the affected software is Monica Your AI Co...
PT-2024-33004 · Unknown · Fusion Chat Chat Ai Assistant
Name of the Vulnerable Software and Affected Versions: Fusion Chat Chat AI Assistant Ask Me Anything version 1.2.4.0 Description: A prompt injection issue in the chatbox allows attackers to access and exfiltrate all previous and subsequent chat data between the user and the AI assistant via a...
Monica 安全漏洞
Monica is an AI assistant from Monica. A security vulnerability exists in Monica version v6.3.0, which stems from an instant injection vulnerability in the chat box that allows an attacker to access and steal all previous and subsequent chat data between a user and the AI assistant via a spoofed...
CVE-2024-48139
A prompt injection vulnerability in the chatbox of Blackbox AI v1.3.95 allows attackers to access and exfiltrate all previous and subsequent chat data between the user and the AI assistant via a crafted message...
Blackbox AI 安全漏洞
Blackbox AI is an AI coding assistant from Blackbox AI, Inc. that helps developers by providing real-time code completion, documentation, and debugging advice. A security vulnerability exists in Blackbox AI version v1.3.95, which stems from a prompt injection in a chat box that allows an attacker...
CVE-2024-48141
CVE-2024-48141 describes a prompt-injection vulnerability in the chatbox of Zhipu AI CodeGeeX v2.17.0. According to Red Hat and CVE records, a crafted user message can access and exfiltrate all prior and subsequent chat data between the user and the AI assistant. The vulnerability is scoped to th...
CVE-2024-45989
Monica AI Assistant desktop application v2.3.0 is vulnerable to Exposure of Sensitive Information to an Unauthorized Actor. A prompt injection allows an attacker to modify chatbot answer with an unloaded image that exfiltrates the user's sensitive chat data of the current session to a malicious...
CVE-2024-45989
CVE-2024-45989 affects the Monica AI Assistant desktop application v2.3.0. The vulnerability is a prompt injection that allows an attacker to inject an unloaded image into chatbot answers, enabling exfiltration of the user’s current-session chat data to a malicious third party or attacker-control...
Peloton accused of providing customer chat data to train AI
It seems that Peloton may have been providing more training than just for its customers, as its set to face court in California accused of using user chat data to train AI. Peloton Interactive, Inc. is a US-based exercise equipment and media company, known for its stationary bicycles, treadmills,...
Cross site scripting
The AI Engine: Chatbots, Generators, Assistants, GPT 4 and more! plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the AI chat data when discussion tracking is enabled in all versions up to, and including, 2.2.0 due to insufficient input sanitization and output escaping. This...