High

gpt_academic

Cross-Site WebSocket Hijacking Vulnerability

A Cross-Site WebSocket Hijacking (CSWSH) vulnerability in GPT Academy version 3.83 allows attackers to hijack WebSocket connections and perform unauthorized actions such as deleting conversation history. The issue arises from insufficient WebSocket authentication and lack of origin validation. The vulnerability has not yet been patched.

Available publicly on Jan 02 2025

CVSS: 7.6 (CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:H/A:L)

Credit: mnqazi

Threat Overview

The Cross-Site WebSocket Hijacking (CSWSH) vulnerability in GPT Academy allows an attacker to hijack an active WebSocket session between the victim's browser and the server. This enables the attacker to send malicious WebSocket requests without the victim's knowledge or consent. The vulnerability is due to insufficient WebSocket authentication and lack of origin validation, which allows unauthorized actions such as data manipulation, deletion, and privacy violations.
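The two missing controls named above, as an added server-side example that is not code from gpt_academic or from this advisory: an exact-match Origin check on the WebSocket upgrade plus a per-session token that the browser does not send automatically. The allowed origin, the key, the `/ws` path, and all function names are assumptions made for illustration.

```python
import hashlib
import hmac
from urllib.parse import parse_qs, urlsplit

# Constructed deployment values for this example (assumptions, not from the advisory).
ALLOWED_ORIGINS = {("https", "academic.example.internal", 443)}
SERVER_KEY = b"constructed-demo-key"
DEFAULT_PORTS = {"http": 80, "https": 443}


def normalize_origin(origin):
    """Return (scheme, host, port), or None when the Origin header is unusable."""
    try:
        parts = urlsplit(origin or "")
        port = parts.port  # raises ValueError on a malformed port
    except ValueError:
        return None
    if parts.scheme not in DEFAULT_PORTS or not parts.hostname:
        return None  # covers a missing header and the literal "null" origin
    return (parts.scheme, parts.hostname, port or DEFAULT_PORTS[parts.scheme])


def session_token(session_id):
    """Per-session token served inside the application's own page.

    Unlike a cookie, the browser does not attach it automatically, and a
    cross-site page cannot read it from the application's origin.
    """
    return hmac.new(SERVER_KEY, session_id.encode(), hashlib.sha256).hexdigest()


def authorize_handshake(headers, path, session_id):
    """Decide whether to accept a WebSocket upgrade; returns (accepted, reason).

    session_id is the session the server resolved from the request cookie.
    """
    hdrs = {k.lower(): v for k, v in headers.items()}
    if hdrs.get("upgrade", "").lower() != "websocket":
        return False, "not a websocket upgrade"
    # Exact match on the parsed tuple, never a prefix or substring test.
    if normalize_origin(hdrs.get("origin")) not in ALLOWED_ORIGINS:
        return False, "origin not allowed"
    supplied = parse_qs(urlsplit(path).query).get("token", [""])[0]
    if not hmac.compare_digest(supplied.encode(), session_token(session_id).encode()):
        return False, "missing or invalid session token"
    return True, "ok"
```

Query strings tend to end up in access logs, so a deployment may prefer to carry the same token in the first WebSocket message and close the connection if it does not verify.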

Attack Scenario

An attacker hosts a malicious HTML file containing a PoC script on a remote server. The victim, while logged into GPT Academy, visits the malicious page and clicks a button. This action triggers the deletion of all conversation history through the hijacked WebSocket connection, without the victim's knowledge or consent.

Who is affected

Users of GPT Academy version 3.83 who are logged into the platform and interact with malicious web pages are affected by this vulnerability. This includes any user who has an active WebSocket session with the GPT Academy server.
