19 matches found
CVE-2026-47645
Url redirection to untrusted site 'open redirect' in Microsoft 365 Copilot's Business Chat allows an unauthorized attacker to elevate privileges over a network...
EUVD-2026-38091
Url redirection to untrusted site 'open redirect' in Microsoft 365 Copilot's Business Chat allows an unauthorized attacker to elevate privileges over a network...
CVE-2026-47645
Summary: CVE-2026-47645 is an open redirect vulnerability in Microsoft 365 Copilot’s Business Chat that can lead to privilege escalation over a network. The issue is described across sources (NVD/MSRC/CVE records) as a url redirection to an untrusted site, with a CVSS v3.1 base score of 8.8 (HIGH...
CVE-2026-47645 Microsoft 365 Copilot's Business Chat Elevation of Privilege Vulnerability
...
CVE-2026-47645 Microsoft 365 Copilot's Business Chat Elevation of Privilege Vulnerability
...
PT-2026-51032
Name of the Vulnerable Software and Affected Versions Microsoft 365 Copilot's Business Chat affected versions not specified Description An open redirect issue exists, which is a flaw that allows a user to be redirected to an untrusted external website. This can enable an unauthorized attacker to...
Microsoft 365 Copilot's Business Chat Elevation of Privilege Vulnerability
Url redirection to untrusted site 'open redirect' in Microsoft 365 Copilot's Business Chat allows an unauthorized attacker to elevate privileges over a network...
KLA91032 OSI vulnerabilities in Microsoft Apps
An information disclosure vulnerabilities were found in Microsoft Apps. Malicious users can exploit these vulnerabilities to obtain sensitive information, bypass security restrictions. Original advisories CVE-2026-26129 CVE-2026-26164 Exploitation Related products Microsoft-365 CVE list...
Microsoft 365 Copilot Business Chat 安全漏洞
Microsoft 365 Copilot Business Chat is an AI chat software developed by Microsoft Corporation in the United States. There is a security vulnerability in Microsoft 365 Copilot Business Chat, which stems from improper neutralization of special elements. This vulnerability could allow unauthorized...
CVE-2026-26137
Server-side request forgery ssrf in Microsoft 365 Copilot's Business Chat allows an authorized attacker to elevate privileges over a network...
EUVD-2026-13184
Server-side request forgery ssrf in Microsoft 365 Copilot's Business Chat allows an authorized attacker to elevate privileges over a network...
CVE-2026-26137
Server-side request forgery ssrf in Microsoft Exchange allows an authorized attacker to elevate privileges over a network...
CVE-2026-26137
Server-side request forgery ssrf in Microsoft Exchange allows an authorized attacker to elevate privileges over a network...
PT-2026-26355
Microsoft 365 Copilot BizChat Elevation of Privilege Vulnerability CVE: CVE-2026-26137 PT-Identifier: PT-2026-26355 Vendor: Microsoft Product: Microsoft 365 Copilot's Business Chat CVSS: 8.9 Credits: n/a Description: Server-side request forgery ssrf in Microsoft 365 Copilot's Business Chat allows...
Microsoft 365 Copilot Business Chat 代码问题漏洞
Microsoft 365 Copilot Business Chat is an AI chat software developed by Microsoft Corporation in the United States. There are code-related vulnerabilities in Microsoft 365 Copilot Business Chat. These vulnerabilities stem from server-side request forgery, which may allow authorized attackers to...
Microsoft 365 Copilot Business Chat Spoofing Vulnerability
Microsoft 365 Copilot Business Chat is an AI chat software from Microsoft Corporation, USA. Microsoft 365 Copilot Business Chat has a spoofing vulnerability that can be exploited by attackers to cause spoofing attacks...
Microsoft 365 Copilot Business Chat Spoofing Vulnerability (CNVD-2025-25468)
Microsoft 365 Copilot Business Chat is an AI chat software from Microsoft Corporation, USA. Microsoft 365 Copilot Business Chat has a spoofing vulnerability that can be exploited by attackers to cause spoofing attacks...
Microsoft 365 Copilot Business Chat 命令注入漏洞
Microsoft 365 Copilot Business Chat is an AI chat software from Microsoft Corporation, USA. Microsoft 365 Copilot Business Chat has a spoofing vulnerability that can be exploited by attackers to cause spoofing attacks...
Shopify: ██████ DOM XSS via Shopify.API.remoteRedirect
Hi, team. I found a dom xss on the apple-business-chat app that seems to be referring to a vulnerable js file. For users who have installed this app, just let him use the theme code I provided to complete xss. Modify the theme code to the following payload function attack let...