Lucene search
MicrosoftCVELIST:CVE-2018-8547HistoryNov 14, 2018 - 1:00 a.m.
CVE-2018-8547
2018-11-1401:00:00
microsoft
www.cve.org
7
A cross-site-scripting (XSS) vulnerability exists when an open source customization for Microsoft Active Directory Federation Services (AD FS) does not properly sanitize a specially crafted web request to an affected AD FS server, aka âActive Directory Federation Services XSS Vulnerability.â This affects Windows Server 2012 R2, Windows RT 8.1, Windows Server 2019, Windows Server 2016, Windows 8.1, Windows 10, Windows 10 Servers.
CNA Affected
[
{
"product": "Windows Server 2012 R2",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "(Server Core installation)"
}
]
},
{
"product": "Windows RT 8.1",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "Windows RT 8.1"
}
]
},
{
"product": "Windows Server 2019",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "(Server Core installation)"
}
]
},
{
"product": "Windows Server 2016",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "(Server Core installation)"
}
]
},
{
"product": "Windows 8.1",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "32-bit systems"
},
{
"status": "affected",
"version": "x64-based systems"
}
]
},
{
"product": "Windows 10",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "Version 1607 for 32-bit Systems"
},
{
"status": "affected",
"version": "Version 1607 for x64-based Systems"
},
{
"status": "affected",
"version": "Version 1709 for 32-bit Systems"
},
{
"status": "affected",
"version": "Version 1709 for x64-based Systems"
},
{
"status": "affected",
"version": "Version 1803 for 32-bit Systems"
},
{
"status": "affected",
"version": "Version 1803 for ARM64-based Systems"
},
{
"status": "affected",
"version": "Version 1803 for x64-based Systems"
},
{
"status": "affected",
"version": "Version 1809 for 32-bit Systems"
},
{
"status": "affected",
"version": "Version 1809 for ARM64-based Systems"
},
{
"status": "affected",
"version": "Version 1809 for x64-based Systems"
}
]
},
{
"product": "Windows 10 Servers",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "version 1709 (Server Core Installation)"
},
{
"status": "affected",
"version": "version 1803 (Server Core Installation)"
}
]
}
]Related
prion
prion
Cross site scripting
2018-11-14 01:29:00
mscve
mscve
Active Directory Federation Services XSS Vulnerability
2018-11-13 08:00:00
nvd
nvd
CVE-2018-8547
2018-11-14 01:29:01
cve
cve
CVE-2018-8547
2018-11-14 01:29:01
symantec
symantec
nessus
nessus
openvas
openvas
Microsoft Windows Multiple Vulnerabilities (KB4467697)
2018-11-14 00:00:00
Microsoft Windows Multiple Vulnerabilities (KB4467691)
2018-11-14 00:00:00
Microsoft Windows Multiple Vulnerabilities (KB4467686)
2018-11-14 00:00:00
mskb
mskb
November 13, 2018âKB4467703 (Security-only update)
2018-11-13 08:00:00
November 13, 2018âKB4467697 (Monthly Rollup)
2018-11-13 08:00:00
November 13, 2018âKB4467691 (OS Build 14393.2608)
2018-11-13 08:00:00
kaspersky
kaspersky
KLA11898 Multiple vulnerabilities in Microsoft Products (ESU)
2018-11-13 00:00:00
KLA11354 Multiple vulnerabilities in Microsoft Windows
2018-11-13 00:00:00
talosblog
talosblog
thn
thn
63 New Flaws (Including 0-Days) Windows Users Need to Patch Now
2018-11-14 09:55:00