Improper validation of generative ai output in GitHub Copilot and Visual Studio Code allows an authorized attacker to bypass a security feature locally.
The product does not use or incorrectly uses a protection mechanism that provides sufficient defense against directed attacks against the product.