A privilege escalation vulnerability was discovered in Evope.Service, where a missing dependency loaded from the application directory allows an attacker to execute arbitrary code with NT AUTHORITY\SYSTEM privileges.
A misconfiguration in AD CS that lets attackers exploit weak certificate template permissions to escalate privileges.
Exploiting trust relationships to escalate privileges and access resources across Active Directory domains.
Keylogger in JavaScript to inject it via XSS.