CIRCLE WITH A DOT

Your browser does not seem to support JavaScript. As a result, your viewing experience will be diminished, and you have been placed in read-only mode.

Please download a browser that supports JavaScript, or enable it if it's disabled (i.e. NoScript).

Command Injection Bug in OpenAI Codex Exposed GitHub OAuth Tokens - Decipher

1 Posts 1 Posters 0 Views

H This user is from outside of this forum
H This user is from outside of this forum
hackerworkspace@infosec.exchange

wrote last edited by

#1

Command Injection Bug in OpenAI Codex Exposed GitHub OAuth Tokens - Decipher

Command Injection Bug in OpenAI Codex Exposed GitHub OAuth Tokens - Decipher

The bug is a command injection issue and lies in the way that Codex processed GitHub branch names during the execution of tasks.

Decipher (decipher.sc)

Short summary: https://hackerworkspace.com/article/command-injection-bug-in-openai-codex-exposed-github-oauth-tokens-decipher
#cybersecurity #aisecurity #vulnerability
1 Reply Last reply
1
0
R relay@relay.infosec.exchange shared this topic

Log in to reply