{"author_name":"ThisIsOne","blog_url":"https://cysec148.hatenablog.com/","provider_name":"Hatena Blog","blog_title":"Shikata Ga Nai","categories":["Web Security Academy","LLM attacks"],"version":"1.0","url":"https://cysec148.hatenablog.com/entry/2025/09/14/144405","author_url":"https://blog.hatena.ne.jp/ThisIsOne/","width":"100%","html":"","type":"rich","description":"Hello there, ('\u03c9')\u30ce \u306a\u305c\u3053\u306e\u653b\u6483\u304c\u6210\u7acb\u3059\u308b\u306e\u304b\uff08\u6700\u521d\u306b\u201c\u7d75\u201d\u3092\u3064\u304b\u3080\uff09 \u30c1\u30e3\u30c3\u30c8UI\u306f LLM\u304c\u751f\u6210\u3057\u305f\u30c6\u30ad\u30b9\u30c8\u3092 innerHTML \u7684\u306b\u63cf\u753b\u3057\u3066\u3044\u308b\u3002 \u2192 \u51fa\u529b\u306e\u30b5\u30cb\u30bf\u30a4\u30ba\u4e0d\u8db3\u3002 LLM \u306f product_info \u306e\u3088\u3046\u306a \u95a2\u6570\uff08\u30c4\u30fc\u30eb\uff09\u7d4c\u7531\u3067\u300c\u5546\u54c1\u540d\u3084ID\u3092\u6e21\u3059\u3068\u30ec\u30d3\u30e5\u30fc\u306a\u3069\u306e\u60c5\u5831\u300d\u3092\u53d6\u5f97\u3057\u3001\u305d\u308c\u3092\u8981\u7d04\uff0b\u5f15\u7528\u3057\u3066\u56de\u7b54\u3092\u7d44\u307f\u7acb\u3066\u308b\u3002 \u2192 \u5916\u90e8\u30b3\u30f3\u30c6\u30f3\u30c4\uff08\u30ec\u30d3\u30e5\u30fc\uff09\u304c LLM \u306e\u56de\u7b54\u306b\u6df7\u3056\u308b\u3002 \u30ec\u30d3\u30e5\u30fc\u6295\u7a3f\u9762\u306f\u76f4\u63a5\u306eXSS\u3092 \u30a8\u30b9\u30b1\u30fc\u30d7\u3057\u3066\u9632\u3044\u3067\u3044\u308b\u304c\u3001LLM \u304c\u305d\u308c\u3092\u201c\u6587\u5b57\u5217\u3068\u3057\u3066\u201d\u5fa9\u5143\u3057\u3066\u56de\u7b54\u306b\u8cbc\u3063\u3066\u3057\u307e\u3046\u3053\u3068\u304c\u3042\u308b\u3002 \u2192 \u5165\u529b\u306f\u5b89\u5168\u3067\u3082\u3001\u51fa\u529b\u3067\u7206\u767a\u3002 \u3053\u306e\u4e09\u70b9\u304c\u2026","provider_url":"https://hatena.blog","image_url":null,"published":"2025-09-14 14:44:05","height":"190","title":"Lab: Exploiting insecure output handling in LLMs"}