Unauthenticated Chat Takeover in AI Chatbot – un1tycyb3r

un1tycyb3r.com · bugbountydaily · 3 days ago · exploit
0 net
Tags
exploit websocket
A popular enterprise chatbot left an old, unauthenticated WebSocket endpoint active that still accepted full bidirectional messages using only a conversation UUID as “protection.” Anyone who obtained a conversation ID could connect, impersonate the user, read their chats, and exfiltrate sensitive data via a trivial HTML PoC. After disclosure, the vendor quickly disabled the legacy endpoint and paid modest bounties.
← Back to stories