Description
Url redirection to untrusted site ('open redirect') in M365 Copilot allows an unauthorized attacker to elevate privileges over a network.
Published: 2026-04-23
Score: 9.3 Critical
EPSS: < 1% Very Low
KEV: No
Impact: Privilege Escalation via URL Redirection
Action: Patch Immediately
AI Analysis

Impact

The vulnerability is an open redirect in Microsoft 365 Copilot that permits an unauthorized attacker to gain elevated privileges on a network. By manipulating the redirect URL, the attacker can cause the application or user to navigate to a malicious host, enabling unauthorized access or influence over resources. This flaw is classified as CWE‑601 and allows bypass of intended navigation controls.

Affected Systems

Microsoft 365 Copilot is the affected product. The vendor is Microsoft. Specific version information is not supplied, meaning any installation of Microsoft 365 Copilot that has not received an update may be vulnerable.

Risk and Exploitability

The CVSS score of 9.3 indicates a critical severity, while the EPSS score of less than 1% suggests a low current exploitation probability, and the vulnerability is not listed in the CISA KEV catalog. The likely attack vector is a crafted URL sent through email or a document that exploits the open redirect behavior to elevate privileges. If exploited, an attacker could bypass authentication constraints and gain higher‑level access on the network.

Generated by OpenCVE AI on April 28, 2026 at 07:23 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Apply the latest Microsoft 365 Copilot update as released by Microsoft
  • Configure stringent URL validation to reject redirects to external or untrusted domains
  • Monitor network traffic for unexpected outbound redirects and block known malicious domains

Generated by OpenCVE AI on April 28, 2026 at 07:23 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Wed, 29 Apr 2026 19:15:00 +0000

Type Values Removed Values Added
CPEs cpe:2.3:a:microsoft:365_copilot:-:*:*:*:*:*:*:*

Fri, 24 Apr 2026 19:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}

Thu, 23 Apr 2026 22:00:00 +0000

Type Values Removed Values Added
Description Url redirection to untrusted site ('open redirect') in M365 Copilot allows an unauthorized attacker to elevate privileges over a network.
Title Microsoft 365 Copilot Elevation of Privilege Vulnerability
First Time appeared Microsoft
Microsoft 365 Copilot
Weaknesses CWE-601
CPEs cpe:2.3:a:microsoft:365_copilot:*:*:*:*:*:*:*:*
Vendors & Products Microsoft
Microsoft 365 Copilot
References
Metrics cvssV3_1

{'score': 9.3, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:N/E:U/RL:O/RC:C'}

Subscriptions

Microsoft 365 Copilot
cve-icon MITRE

Status: PUBLISHED

Assigner: microsoft

Published:

Updated: 2026-05-12T17:37:46.760Z

Reserved: 2026-03-17T20:15:23.719Z

Link: CVE-2026-33102

cve-icon Vulnrichment

Updated: 2026-04-24T16:21:13.808Z

cve-icon NVD

Status : Analyzed

Published: 2026-04-23T22:16:37.093

Modified: 2026-04-29T19:04:21.620

Link: CVE-2026-33102

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-04-28T07:30:26Z

Weaknesses