Yellow.ai, a widely used agentic AI platform powering customer service chatbots for big brands like Sony, Domino’s, and Hyundai, has recently been found vulnerable to a serious security flaw. Cybersecurity researchers at Cybernews have revealed that the chatbot suffers from a reflected cross-site scripting (XSS) vulnerability, which could allow attackers to hijack user accounts.
The vulnerability works in a particularly sneaky way. Attackers could craft a malicious prompt that tricks the chatbot into generating an HTML response containing hidden instructions. When these instructions are executed, they can run arbitrary code and deliver a victim’s session cookies directly to the attacker. With access to session cookies, cybercriminals could potentially take full control of user accounts or manipulate sensitive interactions with the chatbot.
Researchers also noted that the attack could extend beyond automated chatbot interactions. By engaging a human support agent in a follow-up conversation, attackers could execute previously generated malicious code to extract cookies, effectively breaching Yellow.ai’s customer support systems.
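The class of flaw described above comes down to chatbot output being treated as markup, whether in the customer's widget or in a support agent's console. The following is an added example, not Yellow.ai's code or the researchers' proof of concept; the function names, the markdown-link allowlist, the cookie name and the sample reply are all assumptions made for illustration.

```javascript
// Added example: model output is untrusted input to the chat widget and agent console.
const ESCAPES = { "&": "&amp;", "<": "&lt;", ">": "&gt;", '"': "&quot;", "'": "&#39;" };

function escapeHtml(text) {
  return String(text).replace(/[&<>"']/g, (ch) => ESCAPES[ch]);
}

// Weak pattern: the reply is interpolated as markup (same effect as innerHTML).
function renderReplyUnsafe(reply) {
  return `<div class="bot-msg">${reply}</div>`;
}

// Hardened pattern: escape the whole reply, then rebuild only http(s) links
// from the already-escaped text. No tag or attribute from the model survives.
function renderReplySafe(reply) {
  const linked = escapeHtml(reply).replace(
    /\[([^\]]+)\]\((https?:\/\/[^\s)]+)\)/g,
    '<a href="$2" rel="noopener noreferrer">$1</a>'
  );
  return `<div class="bot-msg">${linked}</div>`;
}

// Defence in depth: a session cookie flagged HttpOnly is not exposed to
// document.cookie, so script that does run in the page cannot read it.
function sessionCookieHeader(name, value) {
  return `${name}=${encodeURIComponent(value)}; Path=/; HttpOnly; Secure; SameSite=Strict`;
}

// Constructed sample reply: markup the model was talked into emitting,
// followed by a legitimate markdown link.
const sampleReply =
  'Here you go: <img src="x" onerror="console.log(1)"> see [docs](https://example.com/help)';

console.log(renderReplyUnsafe(sampleReply)); // markup reaches the page intact
console.log(renderReplySafe(sampleReply));   // markup shown as inert text
console.log(sessionCookieHeader("sid", "constructed-value"));
```

The same escaping has to be applied wherever the transcript is displayed, including internal support tooling, since the stored reply is just as untrusted there.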
This discovery comes amid a growing wave of security concerns around AI chatbots. Just recently, Lenovo’s Lena customer service assistant was found to have a similar XSS vulnerability, highlighting a broader challenge in securing AI-driven customer support tools. Experts are urging companies that deploy AI chatbots to review security protocols, apply timely patches, and educate staff on potential attack vectors.
For users interacting with AI chatbots, it’s a reminder to remain vigilant, avoid sharing sensitive information unnecessarily, and report any suspicious behavior to the service provider. Yellow.ai has not yet released an official statement regarding this vulnerability, but industry analysts expect immediate steps to mitigate the risk given the prominence of the affected brands.
As AI-powered chatbots become more common in customer service, incidents like this highlight the need for stronger security measures to protect both users and businesses from emerging cyber threats.



