VDB
GCVE-110-CLOUD-2023-0018
GCVE-110-CLOUD-2023-0018
Advisory Published
In Vertex AI Studio, a Prompt Injection attack could cause the LLM to return
markdown tags. This could have allowed an adversary whose data makes it into
the chat context (e.g., via an uploaded file) to achieve
exfiltration of the victim’s data by rendering hyperlinks. However, the severity of this issue is low,
as there were no integrations that could pull remote content. This means
Indirect Prompt Injection was not possible, and it would require the victim to copy
the malicious prompt from elsewhere. A similar issue affected Azure AI.
Affected Products
| Vendor | Product | Versions | Platforms |
|---|---|---|---|
| GCP | Vertex AI Studio | — | — |
| Azure | Cloud Services | — | — |
Browse GCVE Records
73,834 records in the GCVE database · Updated July 19, 2026
No matching records found.
Explore Further
Investigate this vulnerability in the interactive console or download the raw GCVE record.