What is real importance of the OAuth *state* parameter is?
A lot of developers are not sure about the answer.
Security researchers from Salt could install malicious ChatGPT plugins, just because of a minor state mistake that ChatGPT made.
If you want to understand OAuth, this post is for you: https://salt.security/blog/security-flaws-within-chatgpt-extensions-allowed-access-to-accounts-on-third-party-websites-and-sensitive-data
2 comments
[ 45.6 ms ] story [ 171 ms ] thread