Teams SSRF While on vacation in December, I was digging around against MS services for some bugs and discovered several SSRFs in MS cloud services. One of which I was awarded a $5000 USD bounty for, due to (presumably) targetting Teams and disclosing user authentication tokens to external services. Hell yeah! It was a pretty simple bug and now that it’s patched and sufficient time has passed, MS gave me the green light for publishing.