writeups.xyz / Microsoft Azure Account Takeover via DOM-based XSS in Cosmos DB Explorer

Submitter : c2a

Date: 24 February 2023

Bounty : undisclosed

Vulnerabilities :

• Account Takeover
• DOM XSS

Programs :

• Microsoft (Azure)

Authors :

• Ngo Wei Lin (@Creastery)

Link :
https://starlabs.sg/blog/2023/02-microsoft-azure-account-takeover-via-dom-based-xss-in-cosmos-db-explorer/