July 17, 2025; CVSS 10.0 Entra ID bug via legacy Graph enabled cross-tenant impersonation risking tenant compromise.
The Register on MSN
One token to pwn them all: Entra ID bug could have granted access to every tenant
Until Microsoft lobbed it into a virtual volcano A security researcher claims to have found a flaw that could have handed him ...
Some results have been hidden because they may be inaccessible to you
Show inaccessible results
Feedback