
ChatGPT source code sometimes would need refactoring and might not work as recommended.

As part of a source code analysis lab, I was researching what ChatGPT offers as compliant source code for some of the well-known vulnerabilities. The one I was researching was about creating an application that is vulnerable to SSRF (Server-Side Request Forgery), and I came across the source code that ChatGPT listed as being vulnerable to SSRF and one of the recommendations to remediate the vulnerability.

One of the recommendations was creating a list using “Allowlist URLs”, and I tested it; to my surprise, the code doesn’t work as ChatGPT provided it. What I ended up doing was creating the project as recommended by ChatGPT and testing with a URL that is part of the allowlist, and the code was not working. What I finally ended up doing was refactoring the code so it would work as it should. I have shared the video below on the process that I used to test the source code, and also the refactored source code working after making changes.
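For readers without the video, here is an added Python example of an SSRF allowlist check; it is not the code ChatGPT generated or the refactored code from this post, and the post does not say what was wrong with the generated version. It contrasts a raw string comparison, which rejects legitimate variants of an allowlisted URL, with a comparison of the parsed origin; the hosts and the function names are constructed for illustration.

```python
from urllib.parse import urlsplit

# Constructed allowlist for illustration (hypothetical hosts, not from the post).
ALLOWED_URLS = ["https://api.example.com", "https://images.example.com"]
ALLOWED_ORIGINS = {
    ("https", "api.example.com", 443),
    ("https", "images.example.com", 443),
}
DEFAULT_PORTS = {"http": 80, "https": 443}


def naive_is_allowed(url):
    """Raw string comparison: any path, port or case difference fails."""
    return url in ALLOWED_URLS


def normalize_origin(url):
    """Return (scheme, host, port) for url, or None if it cannot be trusted."""
    try:
        parts = urlsplit(url.strip())
        port = parts.port  # raises ValueError on a malformed or out-of-range port
    except ValueError:
        return None
    scheme = parts.scheme.lower()
    host = (parts.hostname or "").rstrip(".").lower()
    if scheme not in DEFAULT_PORTS or not host:
        return None
    # Reject userinfo: in "https://api.example.com@other.test/" the host is other.test.
    if parts.username is not None or parts.password is not None:
        return None
    if port is None:
        port = DEFAULT_PORTS[scheme]
    return scheme, host, port


def is_allowed(url):
    """True only when the parsed origin exactly matches an allowlist entry."""
    origin = normalize_origin(url)
    return origin is not None and origin in ALLOWED_ORIGINS


if __name__ == "__main__":
    for candidate in ("https://api.example.com/v1/items?id=7",
                      "https://api.example.com.other.test/",
                      "http://api.example.com/"):
        print(candidate, naive_is_allowed(candidate), is_allowed(candidate))
```

The check covers only the URL the application is given; the HTTP client should also be configured not to follow redirects, or to re-run the check on each redirect target.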
