Writer critical session isolation security flaw
Vulnerability
Summary
Hide ▲
Show ▼
Writer disclosed a now-patched critical session isolation vulnerability that could enable cross-tenant compromise and account takeover in its enterprise AI platform. The one-click WriteOut flaw abused live preview behavior to forward a victim's session cookie into an attacker-controlled sandbox. Writer said it fixed the issue and moved previews to an isolated origin.
Timeline
-
07.07.2026 16:27 2 articles · 2d ago
WriteOut flaw lets shared Writer preview links leak session cookies
Initial DisclosureSand Security disclosed WriteOut, a critical session isolation vulnerability in Writer that could let a signed-in user who opened a shared live preview link have a session cookie forwarded into an attacker-controlled sandbox and enable cross-tenant account takeover, including access to private chats, documents, agents, configurations, private models, connectors, and LLM credentials; Writer said it fixed the issue within 24 hours of notification in May 2026, prevented session cookies from reaching sandbox previews, and moved previews to an isolated origin.
Show sources
- Writer AI Flaw Could Let Agent Previews Leak Session Tokens Across Tenants — thehackernews.com — 07.07.2026 16:27
- Writer AI Flaw Could Let Agent Previews Leak Session Tokens Across Tenants — thehackernews.com — 07.07.2026 16:27