CVE-2025-32016 Microsoft Identity Web Exposes Client Secrets and Certificate Information in Service Logs

Microsoft Identity Web is a library which contains a set of reusable classes used in conjunction with ASP.NET Core for integrating with the Microsoft identity platform formerly Azure AD v2.0 endpoint and AAD B2C. This vulnerability affects confidential client applications, including daemons, web...

Microsoft Identity Web 日志信息泄露漏洞

Microsoft Identity Web is an Azure Active Directory open source to help create protected web applications and web APIs using the Microsoft Identity Platform and Azure AD B2C. A log information disclosure vulnerability exists in Microsoft Identity Web, which stems from the fact that sensitive...