TLDR:

The state variable that ChatGPT uses in the integration with plugins, was not random. Attackers could install a malicious plugin on a victim by sending a link that mimic the last step of the OAuth flow.

The takeaway: If your company has an OAuth, make sure the state parameter is random. That's a common mistake.

https://salt.security/blog/security-flaws-within-chatgpt-extensions-allowed-access-to-accounts-on-third-party-websites-and-sensitive-data