Forensic Summary
A critical vulnerability dubbed WriteOut in the Writer enterprise AI platform allowed attackers to hijack victim session tokens across organisational boundaries using a malicious agent preview link. The flaw exploited Writer's live preview sandbox, which incorrectly forwarded authenticated session cookies into attacker-controlled execution environments. Writer has patched the issue by isolating sandbox origins and stripping session cookies from preview requests.
Read the full technical deep-dive on Grid the Grey: https://gridthegrey.com/posts/session-token-leak-in-writer-ai-enables-cross-tenant-account-takeover/
Top comments (0)