Advisory

Vulnerability in ChatGPT allowed for malicious SVG that is sent to victims in chat shares

Take action: Be very careful about clicking links that lead to ChatGPT chats, especially links from unknown sources or in unexpected messages; the shared chat may embed malicious XSS code. Also keep your web browser patched, and run script blockers such as uBlock Origin and Privacy Badger.


Learn More

A security vulnerability has been discovered in ChatGPT that allowed attackers to embed and execute malicious SVG (Scalable Vector Graphics) and image files directly within shared conversations. 

The flaw, tracked as CVE-2025-43714 (CVSS score 6.5), is a stored cross-site scripting (XSS) vulnerability. It affected the ChatGPT system through March 30, 2025, and enabled phishing attacks and potentially harmful content to be delivered to unsuspecting users.

The vulnerability exists because, when a shared chat was reopened, ChatGPT rendered SVG markup that appeared inside code blocks as live SVG instead of displaying the SVG code as text. This behavior effectively created a stored cross-site scripting (XSS) vulnerability within the popular AI platform.

SVG files, unlike regular image formats such as JPG or PNG, are XML-based vector images that can include HTML and script tags. While this is a legitimate feature of the SVG format, it becomes dangerous when improperly handled within a chat interface: SVG files can contain embedded JavaScript code that executes when the image is rendered in a browser.

Security researchers have identified several attack vectors:

  1. Craft deceptive clickable messages embedded within SVG code that appear legitimate to users, potentially linking to malicious websites (HTML smuggling).
  2. Create malicious content that exploits critical unpatched browser vulnerabilities; users trust the page because the OpenAI site itself is not malicious by intent.
  3. Create SVGs with flashing effects that can induce seizures and may cause harm to photosensitive individuals.
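The following is an added example written for this advisory; it is not OpenAI's code and does not show how ChatGPT is implemented. It contrasts the behavior the advisory describes (a code block body inserted into the page as raw markup, which makes an embedded SVG live) with the corrected behavior (escaping the body so the browser shows it as text), and adds a small audit that flags the SVG constructs behind the attack vectors listed above: script elements and event-handler attributes, hyperlinks, embedded HTML via foreignObject, and animation elements. The fence format, rule names, and the sample chat message are all constructed assumptions for the example; the script body in the sample is a placeholder comment, not a payload.

```javascript
// Added example (not OpenAI's code). Assumes chat messages are markdown-like
// strings with ``` fences and that a chat UI renders them to HTML.
const FENCE_RE = /```[^\n]*\n([\s\S]*?)```/g;

// Escape the characters that let text be parsed as HTML markup.
function escapeHtml(text) {
  const map = { '&': '&amp;', '<': '&lt;', '>': '&gt;', '"': '&quot;', "'": '&#39;' };
  return text.replace(/[&<>"']/g, (c) => map[c]);
}

// Behavior described in the advisory: the code block body is dropped into the
// page as raw markup, so an <svg> (and any script inside it) becomes live.
function renderCodeBlocksUnsafe(message) {
  return message.replace(FENCE_RE, (_, body) => `<pre><code>${body}</code></pre>`);
}

// Corrected behavior: the body is escaped, so the browser displays it as text.
function renderCodeBlocksSafe(message) {
  return message.replace(FENCE_RE, (_, body) => `<pre><code>${escapeHtml(body)}</code></pre>`);
}

// Return the bodies of all fenced code blocks in a message.
function extractCodeBlocks(message) {
  return Array.from(message.matchAll(FENCE_RE), (m) => m[1]);
}

// Audit rules (constructed for this example). Each maps an SVG construct to
// the attack vector it enables, for logging or for blocking on the render path.
const ACTIVE_SVG_RULES = [
  { id: 'script-element', re: /<script[\s>]/i, vector: 'script execution (XSS)' },
  { id: 'event-handler', re: /\son[a-z]+\s*=/i, vector: 'script execution (XSS)' },
  { id: 'hyperlink', re: /<a[\s>][^>]*href=/i, vector: 'deceptive clickable content' },
  { id: 'foreign-object', re: /<foreignObject[\s>]/i, vector: 'embedded HTML (smuggling)' },
  { id: 'animation', re: /<(animate|set)[\s>]/i, vector: 'flashing/animation effects' },
];

// Flag the active constructs present in one SVG string.
function inspectSvg(svgText) {
  return ACTIVE_SVG_RULES.filter((r) => r.re.test(svgText))
    .map((r) => ({ id: r.id, vector: r.vector }));
}

// Audit every code block in a message that looks like SVG.
function auditMessage(message) {
  const findings = [];
  for (const body of extractCodeBlocks(message)) {
    if (/<svg[\s>]/i.test(body)) findings.push(...inspectSvg(body));
  }
  return findings;
}

// Constructed sample: a shared-chat message whose code block carries an SVG
// with a script element and a clickable link. The script body is a comment.
const SAMPLE_MESSAGE = [
  'Here is the icon you asked for:',
  '```svg',
  '<svg xmlns="http://www.w3.org/2000/svg" width="10" height="10">',
  '  <script>/* untrusted code would run here if rendered live */</script>',
  '  <a href="https://example.invalid/login"><rect width="10" height="10"/></a>',
  '</svg>',
  '```',
].join('\n');

console.log('unsafe render contains live <svg>:', renderCodeBlocksUnsafe(SAMPLE_MESSAGE).includes('<svg'));
console.log('safe render contains live <svg>:', renderCodeBlocksSafe(SAMPLE_MESSAGE).includes('<svg'));
console.log('audit findings:', auditMessage(SAMPLE_MESSAGE));
```

The two render functions differ only in the escape step, which is the whole defense for this class of bug: anything a user typed into a code block must reach the DOM as text, never as markup. The audit is a detection aid for logs or a review queue; it is not a sanitizer and should not be used in place of escaping.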

Most users implicitly trust content from ChatGPT and wouldn't expect visual manipulation or phishing attempts through the platform. 

OpenAI has reportedly disabled the link-sharing feature after the vulnerability was reported, but a full fix addressing the underlying issue is still pending. Security experts recommend that users be very careful when viewing shared ChatGPT conversations from unknown sources.
