More details have emerged about a set of now-patched cross-site scripting (XSS) flaws in theMicrosoft Azure HDInsightopen-source analytics service that could be weaponized by a threat actor to carry out malicious activities. “The identified vulnerabilities consisted of six stored XSS and two reflected XSS vulnerabilities, each of which could be exploited to perform unauthorized actions,