What are the two types of prompt injection

LLMs can reveal sensitive data like

An LLM system deploys pre-trained models from a widely used repository without thorough verification. A compromised model introduces malicious code, causing biased outputs in certain contexts and leading to harmful or manipulated outcomes

Happens when a user's input changes how an LLM behaves or responds in unexpected ways. These vulnerabilities occur because of how models process prompts and how input can make the model incorrectly send prompt data to other model parts.

refers specifically to insufficient validation, sanitization, and handling of the outputs generated by large language models before they are passed downstream to other components and systems.

Successful exploitation of an Improper Output Handling vulnerability can result in XSS and CSRF in web browsers as well as SSRF, privilege escalation, or remote code execution on backend systems.