all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

XSS Vulnerabilities in Azure Services Let Attackers Execute Malicious Scripts

Add to bookmarks
June 16, 2023, 4:23 a.m. | Guru

Cyber Security News cybersecuritynews.com

Two severe vulnerabilities in Azure services, Azure Bastion and Azure Container Registry—that allow Cross-Site Scripting (XSS) by leveraging a flaw in the postMessage iframe have been discovered. Cross-site scripting (XSS) is malicious scripts being unintentionally executed by users’ browsers after being injected by a threat actor into a reliable website. Threat actors may acquire unauthorized […]


The post XSS Vulnerabilities in Azure Services Let Attackers Execute Malicious Scripts appeared first on Cyber Security News.

actor attackers azure azure container registry bastion browsers container cross-site cyber security flaw iframe malicious registry scripting scripts services threat threat actor vulnerabilities vulnerability website xss

Visit resource

More from cybersecuritynews.com / Cyber Security News

Cyber Security News Weekly Round-Up (Vulnerabilities, Cyber Attacks, Threats & New Stories) 6 hours ago | cybersecuritynews.com
attack attacks attack vectors cyber +20
Critical Next.js Vulnerability Let Attackers Compromise Server Operations 1 day, 12 hours ago | cybersecuritynews.com
attackers compromise critical cve +18
British Columbia Cyber Attack: Investigation In Progress 2 days, 5 hours ago | cybersecuritynews.com
attack british british columbia columbia +25
New ‘TunnelVision’ Technique Allows Hackers to Bypass VPN Encryption 2 days, 7 hours ago | cybersecuritynews.com
attackers bypass called cyber security +23
New Malware Attacking Windows & MS Office Users 2 days, 7 hours ago | cybersecuritynews.com
access campaign coin miners cracked +26
FIN7 Hackers Abuse Sponsored Google Ads To Deliver MSIX Payloads 2 days, 8 hours ago | cybersecuritynews.com
abuse ads can clicking +22
New F5 Next-Gen Manager Flaw Let Attackers Take Full Admin Control 2 days, 8 hours ago | cybersecuritynews.com
accounts actor admin assets +21
Accenture Wins $789 Million Contract to Support Global U.S. Navy Maritime Forces 2 days, 10 hours ago | cybersecuritynews.com
accenture accenture federal services afs bolster +19
Alert! Google Chrome Zero-day Exploited in the Wild 2 days, 11 hours ago | cybersecuritynews.com
access alert attackers browser +30

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

Lead Security Engineer

@ JPMorgan Chase & Co. | Tampa, FL, United States
View on infosec-jobs.com

GTI Manager of Cybersecurity Operations

@ Grant Thornton | Tulsa, OK, United States
View on infosec-jobs.com

GCP Incident Response Engineer

@ Publicis Groupe | Dallas, Texas, United States
View on infosec-jobs.com

DevSecOps Engineer - CL - Santiago

@ Globant | Santiago de Chile, Santiago, CL
View on infosec-jobs.com

IT Security Analyst - State Government & Healthcare

@ NTT DATA | Little Rock, AR, US
View on infosec-jobs.com

Exploit Developer

@ Peraton | Fort Meade, MD, United States
View on infosec-jobs.com
View more jobs