Open Source Customization for AD FS XSS Vulnerability

Open Source Customization for AD FS XSS Vulnerability

CVE-2018-8326 · LOW Severity

AV:N/AC:M/AU:S/C:N/I:P/A:N

A cross-site-scripting (XSS) vulnerability exists when an open source customization for Microsoft Active Directory Federation Services (AD FS) does not properly sanitize a specially crafted web request to an affected AD FS server, aka "Open Source Customization for Active Directory Federation Services XSS Vulnerability." This affects Web Customizations.

Learn more about our Web App Pen Testing.