Azure Service Fabric Spoofing Vulnerability
Description
A vulnerable version of Service Fabric Explorer (SFXv1) has the URL that ends in old.html. If you are on an unsupported version of Service Fabric Runtime (8.1.316 and below), you will be vulnerable. On supported versions of the Service Fabric Runtime, the Service Fabric Explorer version (SFXv2) which is loaded by default is not affected by this vulnerability. On supported SF runtime versions, you can verify you are using SFXv2 by checking that the URL of Service Fabric Explorer ends in index.html.
Affected Applications
Azure Service Fabric