Dark Reading

Low-Code Tools in Microsoft Azure Allowed Unprivileged Access

Applications connected to Azure through its API Connections functionality could have leaked data to unauthenticated or low-privileged users prior to Microsoft fixing the issue earlier this year, ...
CSOonline

Azure API Management flaws highlight server-side request forgery risks in API development

Microsoft recently patched three vulnerabilities in its Azure API Management service, two of which enabled server-side request forgery (SSRF) attacks that could have allowed hackers to access internal ...
CSOonline

Microsoft patches 3 vulnerabilities in Azure API Management

The vulnerabilities comprise url formatting bypasses and an unrestricted file upload functionality in the API Management developer portal, according to cybersecurity firm Ermetic. Microsoft has ...