Researchers at Orca Security discovered vulnerabilities in Azure Bastion and Azure Container Registry that could be exploited to achieve cross-site scripting. Orca notified Microsoft; the issues were resolved in April and May of this year. Here information https://orca.security/resources/blog/examining-two-xss-vulnerabilities-in-azure-services/