MEDIUM
OpenAI
CVE published 2026-06-05
CVE-2026-11326
A cross-site scripting vulnerability was discovered in OpenAI Atlas before version 1.2025.288.15. The issue exposed privileged browser APIs to web content on *.openai.com origins, which could be exploited via a cross-site scripting vulnerability in forum.openai.com. This could allow attackers to access browser history information and open or close tabs. The vulnerability has been addressed in OpenAI Atlas [truncated]