Monthly vulnerability scanning: first month free!
Learn more →
Penetration testing by ethical hackers | Hackify
Pentest
WEB
Web application pentest
API pentest
WordPress pentest
Mendix pentest
MOBILE
Mobile pentest
INFRA
Ransomware pentest
Corporate network pentest
Active Directory pentest
WiFi pentest
PHYSICAL
Workplace pentest
Mystery guest
CLOUD
Azure pentest
AWS pentest
GCP pentest
REVIEW
Code review
Backup review
COMPLIANCE
ISO27001 pentest
DigiD pentest
BIO pentest
PCI DSS pentest
NEN7510 pentest
NIS2 pentest
AFAS pentest
Scanning
Phishing
Phishing simulation
Spear phishing
Training
Hacking training
Cloud hacking training
Web hacking training
Info
About us
Partners
Careers
Blog
Wiki
Contact us
EN
NL
EN
Pentest
WEB
Web application pentest
API pentest
WordPress pentest
Mendix pentest
MOBILE
Mobile pentest
INFRA
Ransomware pentest
Corporate network pentest
Active Directory pentest
WiFi pentest
PHYSICAL
Workplace pentest
Mystery guest
CLOUD
Azure pentest
AWS pentest
GCP pentest
REVIEW
Code review
Backup review
COMPLIANCE
ISO27001 pentest
DigiD pentest
BIO pentest
PCI DSS pentest
NEN7510 pentest
NIS2 pentest
AFAS pentest
Scanning
Phishing
Phishing simulation
Spear phishing
Training
Hacking training
Cloud hacking training
Web hacking training
Info
About us
Partners
Careers
Blog
Wiki
NL
EN
Contact us
WE ARE
|
WE ARE
HACKIFY
Search
Filter by type
Research
(1)
Filter by topic
cloud
(1)
microsoft
(1)
ssrf
(1)
Blog
Microsoft Dynamics 365 SSRF exploit (CVE-2026-32210)
12 June 2026 · 5 min read
Hackify discovered a critical Server-Side Request Forgery (SSRF) in Microsoft Dynamics 365 (online), registered as CVE-2026-32210. Through the Dataverse endpoint msdyn_UCIClientAuth, the bearer token of a logged-in user could be stolen and reused to read, modify and delete Power Apps. This article …