The flaws, which exploited a weakness in the postMessage iframe, could have exposed Azure users to potential security breaches. The vulnerabilities were found in Azure Bastion and Azure Container Registry.