ChatGPT API flaws could allow DDoS, prompt injection attacks | CSO Online

A vulnerability in the ChatGPT API allows attackers to launch DDoS attacks on arbitrary websites by exploiting a flaw in the attributions endpoint. The API’s inability to handle duplicate hyperlinks and lack of limits on the number of URLs in a single request enable this attack. Additionally, the same API is susceptible to prompt injection attacks, potentially slowing down OpenAI servers.