VYPR
Critical severity9.3NVD Advisory· Published Nov 26, 2024· Updated Jun 17, 2026

CVE-2024-49038

CVE-2024-49038

Description

Improper neutralization of input during web page generation ('Cross-site Scripting') in Copilot Studio by an unauthorized attacker leads to elevation of privilege over a network.

Affected products

2

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.