CloudSEK’s BeVigil platform has uncovered a critical security vulnerability affecting an aviation giant, where an exposed JavaScript file containing an unauthenticated API endpoint led to unauthorized access to Microsoft Graph tokens with elevated privileges. This security lapse resulted in the exposure of sensitive data belonging to more than 50,000 Azure Active Directory users, highlighting significant […]

The post Over 50,000 Azure AD Users’ Access Tokens Exposed via Unauthenticated API Endpoint appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

Aman Mishra

Source: gbHackers
Source Link: https://gbhackers.com/over-50000-azure-ad-users-access-tokens-exposed/