CVE-2024-49038

Name of the Vulnerable Software and Affected Versions: Copilot Studio (affected versions not specified)

Description: The issue is related to the improper neutralization of input during web page generation, also known as 'Cross-site Scripting', in Copilot Studio. This can allow an unauthorized attacker to elevate their privileges over a network. The vulnerability is associated with the failure to protect the structure of web pages.

Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.