Severity by source
AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Primary rating from NVD.
CVSS VectorNVD
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Lifecycle Timeline
2DescriptionCVE.org
Improper neutralization of input during web page generation ('cross-site scripting') in Azure Machine Learning allows an unauthorized attacker to perform spoofing over a network.
AnalysisAI
Cross-site scripting (XSS) in Azure Machine Learning enables remote attackers to execute arbitrary JavaScript in victim browsers via crafted input, achieving complete session compromise including credential theft, workspace manipulation, and model poisoning. Attacker requires no authentication but must convince a user to interact with a malicious link or input. Microsoft has released patches per MSRC advisory. CVSS 8.8 severity reflects the high impact across confidentiality, integrity, and availability once user interaction occurs. No evidence of active exploitation (not in CISA KEV) and EPSS data not provided.
Technical ContextAI
This vulnerability affects Microsoft Azure Machine Learning (cpe:2.3:a:microsoft:azure_machine_learning), a cloud-based platform for building, training, and deploying machine learning models. The flaw is classified as CWE-79 (Improper Neutralization of Input During Web Page Generation), the foundational weakness class for cross-site scripting. XSS occurs when an application includes untrusted data in web pages without proper validation or escaping, allowing attackers to inject client-side scripts. In Azure ML's context, this likely affects components that render user-supplied input such as experiment names, dataset labels, notebook outputs, or workspace configurations. The improper neutralization enables malicious JavaScript execution within the security context of the Azure ML web interface, inheriting the victim's session permissions and Azure RBAC roles.
RemediationAI
Apply the vendor-released patch immediately via the Microsoft Security Response Center update guide at https://msrc.microsoft.com/update-guide/vulnerability/CVE-2026-32207. For Azure Machine Learning's cloud-native architecture, Microsoft typically auto-deploys patches to the platform backend, but verify your workspace is running the patched version through the Azure portal or Azure CLI. If immediate patching is unavailable, implement compensating controls: enforce Content Security Policy (CSP) headers with strict script-src directives to block inline JavaScript execution (note: may break legitimate Azure ML notebook functionality-test thoroughly in non-production environments first). Restrict workspace sharing to trusted users only and audit existing shared resources for suspicious content. Implement browser-based XSS filters or web application firewalls with XSS signature detection for users accessing Azure ML through corporate networks, though these provide defense-in-depth rather than elimination of risk. Educate users to avoid clicking untrusted links to Azure ML resources and report suspicious workspace invitations. Monitor Azure Activity Logs for anomalous authentication patterns or unexpected workspace modifications that could indicate XSS exploitation.
Same weakness CWE-79 – Cross-site Scripting (XSS)
View allShare
External POC / Exploit Code
Leaving vuln.today
EUVD-2026-28447
GHSA-h553-38x2-qp6q