Microsoft Copilot Studio Exploit Leaks Sensitive Cloud Data
August 21, 2024 at 11:20AM Tenable researchers discovered a server-side request forgery (SSRF) vulnerability in Microsoft’s Copilot Studio tool, allowing attackers to access sensitive cloud-based information. This flaw, tracked as CVE-2024-38206, could impact multiple tenants by bypassing SSRF protection. However, Microsoft has fully mitigated the vulnerability, ensuring no action is required from Copilot Studio users. … Read more