MS15-062 - Important: Vulnerability in Active Directory Federation Services Could Allow...


Extraordinary Robot
News Feed
Severity Rating: Important
Revision Note: V1.0 (June 9, 2015): Bulletin published.
Summary: This security update resolves a vulnerability in Microsoft Active Directory Federation Services (AD FS). The vulnerability could allow elevation of privilege if an attacker submits a specially crafted URL to a target site that, due to the vulnerability, fails to properly sanitize script embedded in the URL. Once an attacker has successfully submitted specially crafted script to a target site, any webpage on that site that contains the specially crafted script is a potential vector for cross-site scripting attacks.

Continue reading...

This website is not affiliated, owned, or endorsed by Microsoft Corporation. It is a member of the Microsoft Partner Program.