Microsoft Autodiscover abused to collect web requests, credentials

Researchers were able to exploit a protocol design feature on a vast scale.

Article Link: https://www.zdnet.com/article/design-flaw-in-microsoft-autodiscover-abused-to-leak-windows-domain-credentials/#ftag=RSSbaffb68