Microsoft Patches Vulnerability Leading to Azure Account Takeover

This post was originally published on this site

Microsoft recently addressed an OAuth 2.0 vulnerability that could allow an attacker to take over Azure accounts.

The issue impacts specific Microsoft OAuth 2.0 applications and allows an attacker to create tokens with the victim’s permissions, CyberArk’s security researchers have discovered.

read more