Goal correct failure that allowed to see private prompts of its chatbot of ia

Goal has confirmed that he solved a Security failure that allowed users of their taro chatbot to access the Private Prompts and responses generated by other users. The problem was detected by Sandeep Hodkasia, founder of the firm Appsecure, who reported it privately to the finish line on December 26, 2024. Thanks to this responsible disseminationHodkasia received a $ 10,000 reward Through the company’s Bounty program.

Goal implemented the correction of the failure On January 24, 2025 and, as confirmed, he found no evidence that he had been maliciously exploited, so that the private data of the users would not have fallen into the wrong hands.

Prompts exposed because of an identifier

Hodkasia discovered the error by analyzing how users can edit their prompts for Regenerate text and images In goal AI. In this process, finishing servers assign a Unique number to each prompt and its response generated.

When examining network traffic from the browser while editing a prompt, Hodkasia realized that it was possible Modify manually That identifier. In doing so, the servers returned the prompt and the response of another different user, without verifying if who made the request had permits to see that content.

The problem worsened because those identifiers were easy to guesswhich would have allowed an attacker to automate the collection of private prompts by changing the numbers sequentially or randomly. Although the error was corrected more than half a year ago, it has not been until now that it has been aware of it.

Meta AI is the platform that gives life to the chatbot integrated in WhatsApp or in the smart glasses of Ray-Ban. Mark Zuckerberg’s company language models can also be used without connection thanks to tools such as Ollama.