Severity
High · CVSS 7.5
Target
Major AI Platform
Date
2026-02
Category
Privacy / Information Disclosure

Mass User Prompt Leakage via URL Parameters: Permanently Archived

The AI platform accepted user prompts via URL query parameters, which were reflected in the page HTML. These prompt-carrying URLs were actively crawled and permanently archived by major web archival services. Prompts contained source code with business logic, system prompt instructions, and corporate intelligence.

Attack Chain

    Step 1: Prompts accepted via URL parameters

    URL query parameters accepted prompt content and reflected it in the page source.

    Step 2: Web archives actively capturing prompts

    Over a thousand prompt-carrying URLs permanently archived and publicly searchable.

    Step 3: Sensitive data categories in cached prompts

    Prompts contained source code with financial logic, AI system prompts, messaging API data, and corporate intelligence.

    Step 4: No archival prevention in place

    The page had Cache-Control headers but no archival-prevention directives. Web crawlers ignore Cache-Control for archival decisions.

What Scanners Would Miss

Web scanners test for XSS in reflected parameters. They don't cross-reference web archives to discover that URL parameters are creating a permanent, searchable database of user prompts.

By the Pinaka team · Published for educational purposes. All findings were responsibly disclosed.