Alerts
Events
DCR
Explore Cyware Products
Alerts
Events
DCR
Go to listing page
Microsoft Teams security vulnerability left users open to XSS via flawed stickers feature
Malware and Vulnerabilities
July 15, 2022
The Daily Swig
Attackers could abuse the popular sticker feature in Microsoft Teams to conduct XSS attacks. When a sticker is sent via Teams, the platform converts it into an image and uploads the content as ‘RichText/HTML’ in the subsequent message.
Read More
Microsoft Teams
cross-site scripting (XSS)
Sticker Feature
HTML injection
Content Security Policy, (CSP)
Publisher
Previous
The enemy of vulnerability management? Unrealistic expe ...
Expert Blogs and Opinion
Next
Virginia Commonwealth University Health System Exposed ...
Breaches and Incidents
/https://cyware-ent.s3.amazonaws.com/image_bank/d5f3_shutterstock_1043693929.jpg)
/https://cyware-ent.s3.amazonaws.com/image_bank/8312_shutterstock_1562768311.jpeg)
