Microsoft mitigates set of cross-site scripting (XSS) vulnerabilities in Azure Bastion and Azure Container Registry | allinfosecnews.com

June 14, 2023, 7 a.m. |

Microsoft Security Response Center msrc-blog.microsoft.com

Summary Summary Microsoft recently mitigated a set of cross-site scripting vulnerabilities affecting Azure Bastion and Azure Container Registry (ACR). Exploitation of these vulnerabilities could have potentially allowed for an unauthorized user to gain access to a target user’s session within the compromised Azure service, and subsequently lead to data tampering or resource modification.

access azure azure container registry azure service bastion compromised container cross-site exploitation microsoft registry scripting service session target vulnerabilities xss

More from msrc-blog.microsoft.com / Microsoft Security Response Center

Congratulations to the Top MSRC 2024 Q1 Security Researchers! 1 month, 2 weeks ago | msrc-blog.microsoft.com

check chen customers hard +13

Toward greater transparency: Adopting the CWE standard for Microsoft CVEs 1 month, 3 weeks ago | msrc-blog.microsoft.com

center communities current customers +20

Embracing innovation: Derrick’s transition from banking to Microsoft’s Threat Intelligence team 1 month, 4 weeks ago | msrc-blog.microsoft.com

analysts banking collect curiosity +20

Update on Microsoft Actions Following Attack by Nation State Actor Midnight Blizzard 2 months, 3 weeks ago | msrc-blog.microsoft.com

actions actor attack blizzard +24

Faye’s Journey: From Security PM to Diversity Advocate at Microsoft 3 months ago | msrc-blog.microsoft.com

career deployment desktop desktops +9

Microsoft boosts its Microsoft 365 Insider Builds on Windows Bounty Program with higher awards and … 3 months ago | msrc-blog.microsoft.com

award awards bounty bug +16

From Indiana Jones to Cybersecurity: The Inspiring Journey of Devin 3 months ago | msrc-blog.microsoft.com

adventures cybersecurity dream found +7

An Obsession With Impact: The Inspiring Journey of a Dreamer That Led to a Career … 3 months, 1 week ago | msrc-blog.microsoft.com

bruce career college dream +13

New Security Advisory Tab Added to the Microsoft Security Update Guide 3 months, 2 weeks ago | msrc-blog.microsoft.com

advisory customers feedback guide +16

CyberSOC Technical Lead

@ Integrity360 | Sandyford, Dublin, Ireland

View on infosec-jobs.com

Cyber Security Strategy Consultant

@ Capco | New York City

View on infosec-jobs.com

Cyber Security Senior Consultant

@ Capco | Chicago, IL

View on infosec-jobs.com

Sr. Product Manager

@ MixMode | Remote, US

View on infosec-jobs.com

Corporate Intern - Information Security (Year Round)

@ Associated Bank | US WI Remote

View on infosec-jobs.com

Senior Offensive Security Engineer

@ CoStar Group | US-DC Washington, DC

View on infosec-jobs.com