Back to directory
WRITEUP #330

Full Disclosure: A Look at a Recently Patched Microsoft Graph Logging Bypass - GraphNinja

Auth BypassPassword sprayingBroken authentication
by@nyxgeek(nyxgeek)
Program
Microsoft (Microsoft Graph)
Published
Apr 29, 2024
Added to HackDex
May 8, 2024
Read Full Writeuphttps://trustedsec.com/blog/full-disclosure-a-look-at-a-recently-patched-microsoft-graph-logging-bypass-graphninja
RELATED WRITEUPS
Account Takeover via Broken Authentication Workflow: Free Lifetime Streaming!
Auth BypassBroken authentication
Plug Security Holes in React Apps That Can Lead to API Exploitation
Auth BypassSSO
Interesting Story of an Account Takeover Vulnerability
Auth BypassAccount takeover
Instagram and Meta 2FA Bypass by Unprotected Backup Code Retrieval in Accounts Center
Auth Bypass2FA / MFA bypass
Forced SSO Session Fixation
Auth BypassSSO

Built with ❤️ by Shubham Rawat