Leaky Diagrams: The Uninvited Guest in Microsoft 365 Copilot's Chat

Technical Details of the Incident/Vulnerability Microsoft 365 Copilot has been patched to remove an indirect prompt injection flaw that could have allowed attackers to steal sensitive data using clickable Mermaid diagrams. The vulnerability was disco...