cve,link,title,description,vendor,products,score,severity,epss,cisa,article,ransomware,exploited,poc,trended,trended_no_1,published,trended_score
CVE-2024-49038,https://securityvulnerability.io/vulnerability/CVE-2024-49038,Unauthorized Access Elevates Privilege Over Network,"A vulnerability exists in Copilot Studio due to improper neutralization of input within web page generation functions. This flaw can be exploited by unauthorized attackers to execute arbitrary scripts in the context of a user's session, leading to potential elevation of privilege across the network. Organizations utilizing Copilot Studio are advised to review security measures, apply necessary updates, and monitor for unauthorized access to safeguard against this threat. For further details, refer to the vendor advisory.",Microsoft,Microsoft Copilot Studio,9.3,CRITICAL,0.000910000002477318,false,false,false,false,,false,false,2024-11-26T20:15:00.000Z,0
CVE-2024-43610,https://securityvulnerability.io/vulnerability/CVE-2024-43610,Copilot Studio Information Disclosure Vulnerability,"The vulnerability in Microsoft Copilot Studio enables an unauthorized attacker to exploit a network attack vector to gain access to sensitive information. This exposure occurs due to insufficient safeguards in the application, allowing unauthenticated users to retrieve confidential data that should remain protected. The issue underscores the importance of implementing robust security measures to prevent unauthorized information disclosure and protect user privacy.",Microsoft,Microsoft Copilot Studio,7.4,HIGH,0.0008699999889358878,false,false,false,false,,false,false,2024-10-09T17:15:00.000Z,0
CVE-2024-38206,https://securityvulnerability.io/vulnerability/CVE-2024-38206,Bypassing SSRF Protection Leaks Sensitive Information,"An authenticated attacker can exploit a vulnerability in Microsoft Copilot Studio that enables bypassing of Server-Side Request Forgery (SSRF) protections, resulting in the potential leakage of sensitive information across the network. This situation highlights the critical need for organizations to implement robust security measures to safeguard against unauthorized access and to regularly update their systems to mitigate such vulnerabilities. Microsoft has issued guidance on recognizing and addressing this issue in affected versions of the product.",Microsoft,Microsoft Copilot Studio,8.5,HIGH,0.0008399999933317304,false,true,false,true,,true,false,2024-08-06T22:15:00.000Z,4533