Super FabriXss vulnerability in Microsoft Azure SFX could lead to RCE | allinfosecnews.com

March 30, 2023, 9:01 p.m. | Pierluigi Paganini

Security Affairs securityaffairs.co

Researchers shared details about a flaw, dubbed Super FabriXss, in Azure Service Fabric Explorer (SFX) that could lead to unauthenticated remote code execution. Researchers from Orca Security shared details about a new vulnerability, dubbed Super FabriXss (CVE-2023-23383 – CVSS score: 8.2), in Azure. The experts demonstrated how to escalate a reflected XSS vulnerability in Azure Service […]

The post Super FabriXss vulnerability in Microsoft Azure SFX could lead to RCE appeared first on Security Affairs.

azure azure service azure service fabric explorer breaking news code code execution cve cve-2023-23383 cvss experts explorer fabrixss flaw hacking information security news it information security microsoft microsoft azure orca orca security pierluigi paganini rce reflected xss remote code remote code execution researchers score security service service fabric sfx super super fabrixss vulnerability xss

More from securityaffairs.co / Security Affairs

MITRE revealed that nation-state actors breached its systems via Ivanti zero-days 8 hours ago | securityaffairs.co

actor april breach breached +30

FBI chief says China is preparing to attack US critical infrastructure 20 hours ago | securityaffairs.co

apt attack attacks breaking news +29

United Nations Development Programme (UNDP) investigates data breach 23 hours ago | securityaffairs.co

8base ransomware agency attack breach +18

FIN7 targeted a large U.S. carmaker phishing attacks 1 day, 10 hours ago | securityaffairs.co

actor anunak apt attacks +24

Law enforcement operation dismantled phishing-as-a-service platform LabHost 1 day, 15 hours ago | securityaffairs.co

as-a-service breaking news coordinated countries +22

Previously unknown Kapeka backdoor linked to Russian Sandworm APT 1 day, 20 hours ago | securityaffairs.co

apt attacks backdoor called +18

Cisco warns of a command injection escalation flaw in its IMC. PoC publicly available 1 day, 22 hours ago | securityaffairs.co

aware breaking news cisco code +22

Linux variant of Cerber ransomware targets Atlassian servers 2 days, 12 hours ago | securityaffairs.co

atlassian breaking news center cerber +31

Ivanti fixed two critical flaws in its Avalanche MDM 2 days, 19 hours ago | securityaffairs.co

avalanche avalanche mdm breaking news can +23

SOC 2 Manager, Audit and Certification

@ Deloitte | US and CA Multiple Locations

View on infosec-jobs.com

Information Security Engineers

@ D. E. Shaw Research | New York City

View on infosec-jobs.com

Junior Cybersecurity Triage Analyst

@ Peraton | Linthicum, MD, United States

View on infosec-jobs.com

Associate Director, Operations Compliance and Investigations Management

@ Legend Biotech | Raritan, New Jersey, United States

View on infosec-jobs.com

Analyst, Cyber Operations Engineer

@ BlackRock | SN6-Singapore - 20 Anson Road

View on infosec-jobs.com

Working Student/Intern/Thesis: Hardware based Cybersecurity Training (m/f/d)

@ AVL | Regensburg, DE

View on infosec-jobs.com