Impact
The vulnerability in Copilot Chat for Microsoft Edge arises from improper neutralization of special elements in output that is subsequently rendered by a downstream component, a form of injection weakness. This flaw allows an unauthorized attacker to read data that should be protected, disclosing sensitive or confidential information. The weakness is classified as CWE-74, which the advisory describes as improper handling of HTML or similar markup.
Affected Systems
Microsoft’s Copilot Chat component in Microsoft Edge is impacted. All installations of this feature that have not applied the vendor’s latest update are susceptible, as no version exceptions are listed in the advisory.
Risk and Exploitability
The reported CVSS score of 6.5 indicates a moderate overall risk, affecting confidentiality only, with no integrity or availability impact. The EPSS score is unavailable, and the issue is not listed in the CISA KEV catalog, which suggests that widespread exploitation has not been observed or recorded. The likely attack path involves an attacker sending crafted input to the Copilot Chat interface over a network connection, potentially from a malicious web page or a compromised local system, which could then cause the downstream component to reveal protected data. Given the absence of a high exploitation score and the fact that the flaw is not a privilege escalation vector, the threat remains moderate, but it should still be addressed promptly to prevent data leakage.
OpenCVE Enrichment