1. News
  2. Technology
  3. Critical server-side vulnerability in Microsoft Copilot Studio gives illegal access to internal infrastructure

Critical server-side vulnerability in Microsoft Copilot Studio gives illegal access to internal infrastructure

featured
Share

Share This Post

or copy the link



A critical vulnerability has been discovered in Microsoft’s Copilot Studio, posing significant risks to sensitive internal data. This flaw, identified as a server-side request forgery (SSRF), allows unauthorized access to internal infrastructure, potentially impacting multiple tenants.

The flaw identified by Tenable’s Research Team is attributed to improper handling of redirect status codes in user-configurable actions, which allows attackers to manipulate HTTP requests.



Source link

0
joy
Joy
0
cong_
Cong.
0
loved
Loved
0
surprised
Surprised
0
unliked
Unliked
0
mad
Mad
Critical server-side vulnerability in Microsoft Copilot Studio gives illegal access to internal infrastructure
Comment

Your email address will not be published. Required fields are marked *

Login

To enjoy 9News privileges, log in or create an account now, and it's completely free!

Follow Us