Cross-Site Scripting Vulnerability in Azure Monitor by Microsoft
CVE-2025-55321

8.7HIGH

Key Information:

Vendor

Microsoft

Vendor
CVE Published:
9 October 2025

What is CVE-2025-55321?

A cross-site scripting vulnerability exists in Azure Monitor that allows an authorized attacker to execute spoofing attacks over a network by improperly neutralizing input during web page generation. This flaw could lead to unauthorized content being presented to users, potentially compromising user information and interactive session security.

Affected Version(s)

Azure Monitor Unknown

References

CVSS V3.1

Score:
8.7
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
High
User Interaction:
None
Scope:
Changed

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.
CVE-2025-55321 : Cross-Site Scripting Vulnerability in Azure Monitor by Microsoft