VDB

GCVE-110-CLOUD-2023-0017

GCVE-110-CLOUD-2023-0017
Advisory Published
Vulnetix · Advisory published October 19, 2023
In Azure AI Playground, a Prompt Injection attack could cause an LLM to return markdown tags. This would have allowed an adversary whose data makes it into the chat context (e.g., via an uploaded file) to achieve exfiltration of the victim’s data by rendering hyperlinks. However, the severity of this issue is low, as there were no integrations that could pull remote content. This means Indirect Prompt Injection was not possible, and it would require the victim to copy the malicious prompt from elsewhere. A similar issue affected GCP Vertex AI.

Affected Products

VendorProductVersionsPlatforms
AzureAI Playground
AzureCloud Services

References

advisory

Browse GCVE Records

72,664 records in the GCVE database · Updated July 15, 2026

No matching records found.

Explore Further

Investigate this vulnerability in the interactive console or download the raw GCVE record.

$ Console Community · 100/wk Open console ›