Microsoft 365 Copilot For Work: Image Data Exfiltration From SharePoint
1 min read
Summary
During testing of Microsoft’s Copilot chatbot, it was found that improper input validation could allow for the exfiltration of data from a user’s SharePoint files.
This could be exploited by getting the chatbot to preview code containing a remotely hosted image in an tag.
In some cases, the image could be loaded into the chatbot preview, and its data extracted, potentially allowing for the exfiltration of data from the user’s SharePoint folders.
This could provide an attacker with access to confidential information without ever needing to directly access the SharePoint platform.
Following responsible disclosure, Microsoft fixed the issue by blocking the loading of the image data via the chatbot interface.