SearchLeak: Three-Bug Chain in Microsoft 365 Copilot Could Enable One-Click Data Exfiltration
Summary
Security researchers discovered a vulnerability chain called "SearchLeak" in Microsoft 365 Copilot Enterprise Search that could allow attackers to exfiltrate emails, calendar details, and indexed files with a single click. The attack exploits three bugs: a Parameter-to-Prompt injection via the q URL parameter that treats user input as instructions, a race condition in response rendering that bypasses sanitization, and a Content Security Policy bypass using m365.cloud.microsoft domain behavior to load images from external domains.
Key quotes
SearchLeak chains three bugs to enable one-click exfiltration from Microsoft 365 Copilot Enterprise Search, pulling emails, calendar details, and indexed files.
The entry point is the q parameter in the Copilot Enterprise Search URL, which Copilot treats as instructions rather than a natural-language search string.
A Parameter-to-Prompt injection URL can instruct Copilot to search a mailbox, extract an email title, and embed it in an image URL.
A race condition in response rendering allows an injected tag to fire before browser wrapping and sanitization occur.
A final link bypasses the page's Content Security Policy by using m365.cloud.microsoft behavior to block images from an external domain.