Patches have been issued by open-source analytics and interactive visualization app Grafana for a critical security flaw, tracked as CVE-2023-3128, which could be exploited to hijack accounts leveraging Azure Active Directory for authentication, according to BleepingComputer. Grafana noted that the vulnerability stems from email claim-based validation of Azure AD accounts.
Source: SC Magazine