Security
Headlines
HeadlinesLatestCVEs

Headline

Awareness and guidance related to potential Service Fabric Explorer (SFX) v1 web client risk

Summary Summary Microsoft was recently made aware of a Cross-Site Scripting (XSS) vulnerability (CVE-2022-35829), that under limited circumstances, affects older versions of Service Fabric Explorer (SFX). The current default SFX web client (SFXv2) is not vulnerable to this attack. However, customers can manually switch from the default web client (SFXv2) to an older vulnerable SFX web client version (SFXv1).

msrc-blog
#xss#vulnerability#web#microsoft

msrc-blog: Latest News

Securing AI and Cloud with the Zero Day Quest