Azure Service Fabric Explorer (SFX) was affected by an XSS vulnerability that
could have allowed a malicious script to be reflected off a web application.
After a potential victim clicked on a crafted malicious URL, the attacker could
remotely toggle the ‘Cluster’ Event Type setting under the Events tab. This could
lead to unauthenticated remote code execution on a container hosted on a Service Fabric node.
Azure Service Fabric Explorer (SFX)