2025-10-09 21:04:14
microsoft
PUBLISHED
Improper neutralization of special elements used in a command (command injection) in Copilot allows an unauthorized attacker to perform information disclosure locally.