AWS VDP: AWS | Self Registration Internal LibreChat : Access to internal/proprietary LLMs

Issue Summary A LibreChat endpoint/UI is found to be accessible to the public Internet, with self registration for any non AWS/Amazon Corporate domains enabled, allowing an attacker to use a ChatGPT like UI to access multiple public models Example : Claude with the API access it has enabled, as...