Security researchers have found several vulnerabilities in Azure DevOps that could enable attackers to inject CRLF queries and carry out DNS rebinding attacks. Binary Security found serious security risks in a widely used development platform during a client engagement. The first vulnerability in Azure DevOps’ ‘endpointproxy’ feature enables Server-Side Request Forgery (SSRF). AlertVulnerabilities Delay patching … Continue reading Multiple Azure DevOps Vulns Allow To Inject CRLF Queries & Rebind DNS