Microsoft Copilot Studio Vulnerability Led to Information Disclosure
August 21, 2024 at 08:54AM A vulnerability in Microsoft Copilot Studio, tracked as CVE-2024-38206, allowed access to sensitive internal infrastructure. Despite being fully mitigated, an attacker could bypass server-side request forgery protection to leak information. The exploitation also led to access to Cosmos DB instances. This flaw may have had cross-tenant impacts, prompting concern over … Read more