Show menu
C’EST QUOI SYSTEME.IO ? FAITES LE TOP ET LE MEILLEUR AVEC! - WHAT IS SYSTEME.IO? MAKE THE TOP AND THE BEST WITH !

How One Prompt Hijacked Lenovo’s AI Chatbot

Your video will begin in 10
Skip ad (5)
Turn 1h of work a week into $2000 a month
Boostez vos ventes
Boostez vos ventes

Thanks! Share it with your friends!

You disliked this video. Thanks for the feedback!

Added by admin
15 Views
A single ~400-character prompt was enough to hijack Lenovo’s AI website chatbot. By switching the bot’s output to HTML and injecting a malicious payload, researchers triggered XSS, executed code, and exfiltrated session cookies—even snagging an agent’s cookies after escalation.
This video breaks down the four prompt elements, the root cause (weak input/output sanitisation + “people-pleasing” LLMs), and the real risks: data theft, support system compromise, and lateral movement. We finish with practical guardrails and why bug bounty hunters and red teamers should target AI chatbots right now.

Topics: lenovo ai chatbot, xss, prompt injection, session cookies, html injection, llm security, chatbot security, ethical hacking, bug bounty, red teaming, ai guardrails, input sanitisation, output encoding, cookie theft, lateral movement

#lenovo #ai #hacked
Category
AI prompts
Tags
lenovo ai chatbot, lenovo chatbot xss, cross site scripting

Post your comment

Comments

Be the first to comment