Microsoft Identity Web Exposes Client Secrets and Certificate Information in Service Logs
What kind of vulnerability is it? Who is impacted? Description: This vulnerability affects confidential client applications, including daemons, web apps, and web APIs. Under specific circumstances, sensitive information such as client secrets or certificate details may be exposed in the service logs of these applications. Service logs are intended to be handled securely. Impact: The vulnerability impacts service logs that meet the following criteria: Logging Level: Logs are generated at …