MS15-062 - Important: Vulnerability in Active Directory Federation Services Could Allow...

Discussion in 'Security Alerts' started by News, Jun 9, 2015.

  1. News

    News Extraordinary Robot
    News Feed

    Joined:
    Jun 27, 2006
    Messages:
    26,203
    Likes Received:
    20
    Severity Rating: Important
    Revision Note: V1.0 (June 9, 2015): Bulletin published.
    Summary: This security update resolves a vulnerability in Microsoft Active Directory Federation Services (AD FS). The vulnerability could allow elevation of privilege if an attacker submits a specially crafted URL to a target site that, due to the vulnerability, fails to properly sanitize script embedded in the URL. Once an attacker has successfully submitted specially crafted script to a target site, any webpage on that site that contains the specially crafted script is a potential vector for cross-site scripting attacks.

    Continue reading...
     

Share This Page

Loading...