An authenticated attacker can bypass Server-Side Request Forgery (SSRF) protection in Microsoft Copilot Studio to leak sensitive information over a network.Referenceshttps://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38206