there are several corpo open source ai apps that have rce built in.
to cut a long story short they pull their config from the developer's server on startup. that config has user level permissions giving rce.
some have no rce but get remote executed exfiltration of all the prompts. the app pulls its posthog config on startup and can just take all the keyboard inputs.
submit a disclosure and they do nothing or accuse of 'ai slop reports' despite being vibe coded themselves
No comments yet.
