
ChatGPT Sensitive Information Disclosure Flaw Abused File Download Mechanism
A now-patched vulnerability in ChatGPT that chained a guardrail bypass with a path traversal flaw to achieve local file inclusion (LFI) within OpenAI’s sandboxed execution environment. The researcher, operating under the alias zer0dac, mapped the issue to OWASP LLM02:2025 (Sensitive Information Disclosure), exploiting weaknesses in how ChatGPT’s file interpreter handled deleted file references and sandbox […]
The post ChatGPT Sensitive Information Disclosure Flaw Abused File Download Mechanism appeared first on Cyber Security News.