CWE-1427
Improper Neutralization of Input Used for LLM Prompting
The product uses externally-provided data to build prompts provided to large language models (LLMs), but the way these prompts are constructed causes the LLM to fail to distinguish between user-supplied inputs and developer provided system directives.
Official CWE-1427 definition at MITREImpactr finds and proves weaknesses like CWE-1427 in your web apps and APIs - investigating, chaining, and validating each with a reproducible exploit.
Join the waitlist