Three security vulnerabilities have been revealed in Microsoft Azure API Management service, which could be exploited by malicious actors to access confidential information or backend services. These vulnerabilities include two server-side request forgery (SSRF) flaws and one unrestricted file upload feature in the API Management developer portal. Exploitation of these flaws can lead to the loss of confidentiality and integrity, enabling attackers to read internal Azure resources and execute unauthorized code. Following responsible disclosure, Microsoft has patched all three of these vulnerabilities.
Source: Hackernews
To mitigate these potential threats, it is important to implement additional cybersecurity measures with the help of a trusted partner like INFRA www.infrascan.net or you can try your self using check.website.