Microsoft Bookings Flaw Let Hackers Create Impersonate User Acccounts

A critical security flaw in Microsoft Bookings has been uncovered. This flaw, inherent in the default configuration of Microsoft Bookings, potentially allows attackers to create unauthorized Entra (formerly Azure AD) accounts and obtain fraudulent certificates. This vulnerability poses significant risks to organizations using Microsoft 365 services.