A user is concerned that if an external MSForm came under a denial of service (DOS) attack, that this could cause the responding "create item on Form response" Power Automate to run repeatedly against a connected SharePoint list causing performance issues.
I believe that the limitations would mitigate this but don't know the architecture well enough to know how this would work. They are seeking to build mitigation in but is this unnecessary?
How likely is this to cause problems; does anyone have advice?
FYI: MS Support said the following but I believe that I just need some advice from a knowledgeable individual:
review (this) FAQ and you should see the part that directs you on how to go about reporting a possible vulnerability. Then follow the steps and log a report.
FAQs - Report a Computer Security Vulnerability (microsoft.com)