Active Directory Federation Services XSS Vulnerability

Active Directory Federation Services XSS Vulnerability

CVE-2019-1273 · MEDIUM Severity

CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

A cross-site-scripting (XSS) vulnerability exists when Active Directory Federation Services (ADFS) does not properly sanitize certain error messages, aka 'Active Directory Federation Services XSS Vulnerability'.

Learn more about our Web Application Penetration Testing UK.