All Blog Posts
-
Azure HDInsight: The Sequel – Unveiling 3 New Vulnerabilities That Could Have Led to Privilege Escalations and Denial of Service Feb 6, 2024
-
Azure HDInsight Riddled With XSS Vulnerabilities via Apache Services Sep 13, 2023
-
Two XSS Vulnerabilities in Azure with Embedded postMessage IFrames Jun 14, 2023
-
FabriXss (CVE-2022-35829): How We Managed to Abuse a Custom Role User Using CSTI and Stored XSS in Azure Fabric Explorer Mar 30, 2023
-
Super FabriXss: From XSS to an RCE in Azure Service Fabric Explorer by Abusing an Event Tab Cluster Toggle (CVE-2023-23383) Mar 30, 2023
-
Unauthenticated SSRF Vulnerability on Azure Digital Twins Explorer Jan 23, 2023
-
Authenticated SSRF Vulnerability on Azure API Management Service Jan 17, 2023
-
Authenticated SSRF Vulnerability on Azure Machine Learning Service Jan 17, 2023
-
Unauthenticated SSRF Vulnerability on Azure Functions Jan 17, 2023
-
CosMiss: Azure Cosmos DB Notebook Remote Code Execution Vulnerability Nov 1, 2022
-
Oracle Server Side Request Forgery (SSRF) Metadata Feb 8, 2022