Injection: Difference between revisions

From Rice Wiki
(Created page with "Category:Cybersecurity An '''injection''' refers to flaws that come from data and control being sent on the same channel, allowing users to send malicious control signals that are unwittingly processed. = Examples = * Prompt injection in LLMs")
 
No edit summary
 
(2 intermediate revisions by the same user not shown)
Line 2: Line 2:


An '''injection''' refers to flaws that come from data and control being sent on the same channel, allowing users to send malicious control signals that are unwittingly processed.
An '''injection''' refers to flaws that come from data and control being sent on the same channel, allowing users to send malicious control signals that are unwittingly processed.
= Defense =
The most robust/general solution is to separate data and control.


= Examples =
= Examples =
* [[Prompt injection]] in LLMs
* [[Prompt injection]] in LLMs
* [[SQL injectoin]]
* [[Phone injection]]
* [[Command injection]]
* [[Cross-site scripting]]

Latest revision as of 20:34, 23 May 2024


An injection refers to flaws that come from data and control being sent on the same channel, allowing users to send malicious control signals that are unwittingly processed.

Defense

The most robust/general solution is to separate data and control.

Examples