Urgent Security Vulnerability / Single Sign-On (SSO) Domain Misconfiguration Leading to Unauthorized ChatGPT Team Activation

Description: A critical authentication bypass/misconfiguration has been identified in the ChatGPT Team onboarding flow. Users can gain unauthorized access to an active ChatGPT Team space simply by using an arbitrary email prefix with a specific educational domain via Single Sign-On (SSO).

Vulnerability Type: Authentication Bypass / SSO Domain Misconfiguration / Improper Privilege Assignment

Affected Domain: wishtoapp.edu.kg

Steps to Reproduce (PoC):

  1. Go to the official OpenAI login page.

  2. Attempt to sign in or sign up using an email address with an arbitrary prefix followed by the specific domain suffix (e.g., anything123@wishtoapp.edu.kg).

  3. Proceed with the Single Sign-On (SSO) authentication flow.

  4. Upon successful SSO authentication, the system automatically associates the account with an active ChatGPT Team workspace and grants full Team privileges for free, skipping the expected verification or invitation safeguards.

Expected Behavior: The system should restrict automatic ChatGPT Team workspace activation to verified organizational members or require an explicit invitation link, rather than granting automatic entry to any arbitrary mailbox sharing the domain suffix.

Impact: This flaw allows any user to exploit the domain to access a ChatGPT Team subscription without authorization or payment, leading to potential data exposure within that Team workspace and financial loss due to unauthorized seat consumption.
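As an added example, not part of the forum post above and not OpenAI's code, the following Python models the join decision the Expected Behavior section asks for: a permissive suffix-based auto-join rule (any mailbox under a matching domain is provisioned into the workspace) beside a hardened one that requires the IdP to have verified the email, the assertion to come from the workspace's own configured IdP, and an explicit invitation unless exact-domain auto-join has been deliberately enabled. The claim field names, the Workspace configuration, the issuer URL and the sample addresses are constructed assumptions for illustration; only the domain is taken from the report.

```python
"""Model of SSO-driven workspace auto-join: weak suffix rule vs hardened rule.

Added example, not code from the forum post and not OpenAI's implementation.
All field names, the workspace configuration and sample identities are
hypothetical; only the domain wishtoapp.edu.kg comes from the report.
"""
from dataclasses import dataclass, field, replace


@dataclass(frozen=True)
class SsoAssertion:
    """Claims the relying party receives after SSO (hypothetical field names)."""
    email: str
    email_verified: bool   # did the IdP attest the mailbox?
    issuer: str            # which IdP signed the assertion


@dataclass
class Workspace:
    """Hypothetical workspace config controlling who may be auto-provisioned."""
    name: str
    verified_domains: frozenset[str]      # domains the org proved it controls
    trusted_issuer: str                   # the org's own IdP
    pending_invites: set[str] = field(default_factory=set)  # lower-cased emails
    allow_domain_auto_join: bool = False  # invite-only unless deliberately enabled


def email_domain(email: str) -> str:
    """Return the lower-cased domain of an address, or '' if it is malformed."""
    local, sep, domain = email.strip().rpartition("@")
    if not sep or not local or not domain:
        return ""
    return domain.lower()


def weak_auto_join(ws: Workspace, a: SsoAssertion) -> bool:
    """Permissive rule: any address whose domain ends with a verified domain joins.

    Every mailbox under the suffix (and under any subdomain of it) becomes a
    member, whether or not the organisation controls that mailbox. This is
    the behaviour the report's step 2 describes: arbitrary prefix, fixed suffix.
    """
    domain = email_domain(a.email)
    return any(domain == d or domain.endswith("." + d) for d in ws.verified_domains)


def hardened_auto_join(ws: Workspace, a: SsoAssertion) -> tuple[bool, str]:
    """Hardened rule; returns (decision, reason).

    Admits an identity only if the IdP verified the email, the assertion came
    from this workspace's configured IdP, and either an explicit invitation
    exists or exact-domain auto-join was deliberately turned on.
    """
    domain = email_domain(a.email)
    if not domain:
        return False, "malformed email"
    if not a.email_verified:
        return False, "email not verified by IdP"
    if a.issuer != ws.trusted_issuer:
        return False, "assertion not from the workspace's configured IdP"
    if a.email.lower() in ws.pending_invites:
        return True, "explicit invitation"
    if ws.allow_domain_auto_join and domain in ws.verified_domains:
        return True, "verified domain auto-join"
    return False, "no invitation and domain auto-join not permitted"


# Constructed sample configuration and identities (hypothetical values).
IDP = "https://idp.example.invalid"
WORKSPACE = Workspace(
    name="example-team",
    verified_domains=frozenset({"wishtoapp.edu.kg"}),
    trusted_issuer=IDP,
    pending_invites={"alice@wishtoapp.edu.kg"},
)
# Same workspace with domain auto-join switched on, to show what that re-admits.
WORKSPACE_AUTOJOIN = replace(WORKSPACE, allow_domain_auto_join=True)

ARBITRARY = SsoAssertion("anything123@wishtoapp.edu.kg", True, IDP)
INVITED = SsoAssertion("alice@wishtoapp.edu.kg", True, IDP)
SUBDOMAIN = SsoAssertion("someone@mail.wishtoapp.edu.kg", True, IDP)
UNVERIFIED = SsoAssertion("alice@wishtoapp.edu.kg", False, IDP)
FOREIGN_IDP = SsoAssertion("alice@wishtoapp.edu.kg", True, "https://other.example.invalid")

if __name__ == "__main__":
    for label, a in [("arbitrary", ARBITRARY), ("invited", INVITED),
                     ("subdomain", SUBDOMAIN), ("unverified", UNVERIFIED),
                     ("foreign idp", FOREIGN_IDP)]:
        print(f"{label:12} weak={weak_auto_join(WORKSPACE, a)!s:5} "
              f"hardened={hardened_auto_join(WORKSPACE, a)}")
```

The weak rule admits the arbitrary-prefix address and even addresses under subdomains of the verified domain; the hardened rule rejects the same identity unless it was invited, and flipping `allow_domain_auto_join` back on re-admits it, which is why domain auto-join should stay off for any domain whose mailboxes the organisation does not fully control.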
