A critical Local File Inclusion (LFI) vulnerability was recently discovered in Microsoft 365’s Export to PDF functionality, potentially allowing attackers to access sensitive server-side data, including configuration files, database credentials, and application source code. The vulnerability, reported by security researcher Gianluca Baldi and subsequently patched by Microsoft, earned a $3,000 bounty reward for its significant […]
The post Microsoft 365 PDF Export LFI Vulnerability Allows Access to Sensitive Server Data appeared first on Cyber Security News.
This article has been indexed from Cyber Security News