CVE-2024-38206

Name of the Vulnerable Software and Affected Versions Microsoft Copilot Studio (affected versions not specified)

Description The issue is related to insufficient validation of incoming requests, allowing an authenticated attacker to bypass Server-Side Request Forgery (SSRF) protection and potentially leak sensitive information over a network. This can be achieved through an SSRF attack.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.