Yellow.ai Cookie Flaw Let Hackers Hijack Support Accounts

Yellow.ai Cookie Flaw Let Hackers Hijack Support Accounts

Researchers discovered a Yellow.ai cookie flaw that exposed support agent accounts to hijacking. The vulnerability allowed attackers to use cross-site scripting (XSS) to steal session cookies. Yellow.ai has since patched the flaw, but the case highlights growing risks in chatbot systems.

How the Vulnerability Worked

The flaw came from the chatbot’s failure to sanitize inputs and outputs. Attackers could craft prompts that forced the chatbot to return malicious HTML or JavaScript. When displayed in a support agent’s interface, the script executed automatically.

That execution sent cookies from the agent’s browser to an attacker-controlled server. With those cookies, attackers could impersonate agents and gain access to internal systems.

Which Companies Were at Risk

Yellow.ai provides chatbots to large enterprises including Sony, Hyundai, and Domino’s. The vulnerability existed in the core platform, but researchers found no evidence that attackers exploited it in the wild.

Even so, the scale of Yellow.ai’s customer base makes the exposure significant. Stolen support agent accounts could have allowed attackers to intercept communications or abuse elevated privileges.

Patch and Response

Yellow.ai patched the vulnerability by updating how the chatbot handles generated output. After the update, injected scripts display as text rather than executing in the browser. This fix prevents future cookie theft attempts.

The company confirmed the patch and credited security researchers for reporting the issue.

Lessons for Businesses

The Yellow.ai cookie flaw underscores the need for strict safeguards in AI-driven systems. Companies deploying chatbots should:

  • Sanitize all inputs and outputs to block malicious scripts.
  • Restrict account privileges to reduce potential damage from a stolen session.
  • Audit chatbot responses regularly to identify unsafe behaviors.
  • Monitor for unusual activity in support systems.

Conclusion

The Yellow.ai cookie flaw shows how small oversights in chatbot design can expose powerful attack vectors. Although patched quickly, the vulnerability could have let hackers hijack support accounts and access sensitive systems. Organizations adopting AI support tools must treat them with the same rigor as other web applications by enforcing strong controls, monitoring threats, and limiting exposure.

Siyana Georgieva

0 responses to “Yellow.ai Cookie Flaw Let Hackers Hijack Support Accounts”