Tag: Yellow.ai

  • Yellow.ai Cookie Flaw Let Hackers Hijack Support Accounts

    Yellow.ai Cookie Flaw Let Hackers Hijack Support Accounts

    Researchers discovered a Yellow.ai cookie flaw that exposed support agent accounts to hijacking. The vulnerability allowed attackers to use cross-site scripting (XSS) to steal session cookies. Yellow.ai has since patched the flaw, but the case highlights growing risks in chatbot systems. How the Vulnerability Worked The flaw came from the chatbot’s failure to sanitize inputs…