454 – Improper output handling

Description

The application does not properly validate, sanitize, or contextualize LLM outputs used before they are passed downstream to other components and systems.

Impact

The consequences are entirely contextual, depending on the system that the model is integrated into. Successful exploitation can result in XSS, CSRF, or SSRF privilege escalation, or remote code execution on backend systems.

Recommendation

- Sanitize LLM output before integrating it into other systems. - Audit interactions (logs).

Threat

Authenticated attacker from the Internet.

Expected Remediation Time

60 minutes.

Score 4.0

Default score using CVSS 4.0. It may change depending on the context of the src.

Base 4.0

• Attack vector: N
• Attack complexity: L
• Attack Requirements: N
• Privileges required: L
• User interaction: N
• Confidentiality (VC): N
• Integrity (VI): L
• Availability (VA): N
• Confidentiality (SC): N
• Integrity (SI): N
• Availability (SA): N

Threat 4.0

• Exploit maturity: U

Requirements

• 173 - Discard unsafe inputs
• 265 - Restrict access to critical processes
• 321 - Avoid deserializing untrusted data
• 342 - Validate request parameters

Last updated

2025/07/10