Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
A cross-site-scripting (XSS) vulnerability exists when an open source customization for Microsoft Active Directory Federation Services (AD FS) does not properly sanitize a specially crafted web request to an affected AD FS server, aka "Open Source Customization for Active Directory Federation Services XSS Vulnerability." This affects Web Customizations.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Microsoft Active Directory Federation Services 跨站脚本漏洞
Vulnerability Description
Microsoft Active Directory Federation Services(ADFS)是美国微软(Microsoft)公司推出的一项活动目录联合服务。该服务提供Web单一登入(SSO)技术,可实现在一次会话过程中对多个网站(或应用程序)验证某个使用者。 Microsoft AD FS中存在跨站脚本漏洞,该漏洞源于开源自定义没有正确的过滤发送到受影响AD FS服务器的特制Web请求。远程攻击者可通过发送特制的请求利用该漏洞在当前用户的安全上下文中执行脚本。
CVSS Information
N/A
Vulnerability Type
N/A