Lucene search
K

4 matches found

CVE
CVE
added 2015/06/10 1:0 a.m.97 views

CVE-2015-1757

CVE-2015-1757 is an XSS elevation-of-privilege vulnerability in Microsoft Active Directory Federation Services (AD FS) exposed by wct input in AD FS on Windows Server 2008 SP2, R2 SP1, and Server 2012. The issue, described as cross-site scripting via the wct parameter, can enable a remote attacke...

4.3CVSS5.2AI score0.11058EPSS
Exploits0References3Affected Software1
Tenable Nessus
Tenable Nessus
added 2015/06/10 12:0 a.m.31 views

MS15-062: Vulnerability in Active Directory Federation Services Could Allow Elevation of Privilege (3062577)

The remote Windows host is affected by an XSS elevation of privilege vulnerability in Active Directory Federation Services AD FS due to improper sanitization of user-supplied input. A remote attacker can exploit this by submitting a specially crafted URL to a target site, resulting in the executi...

4.3CVSS5.7AI score0.11058EPSS
Exploits0References2
Symantec
Symantec
added 2015/06/09 12:0 a.m.31 views

Microsoft Active Directory Federation Services CVE-2015-1757 Privilege Escalation Vulnerability

Description Microsoft Active Directory Federation Services is prone to a remote privilege-escalation vulnerability because it fails to sanitize user-supplied input. An attacker can exploit this issue to gain elevated privileges and perform unauthorized actions in the context of the currently...

4.3CVSS6.3AI score0.11058EPSS
Exploits0Affected Software6
Check Point Advisories
Check Point Advisories
added 2015/06/09 12:0 a.m.74 views

Cross-Site Scripting (CVE-2005-0543; CVE-2014-4075; CVE-2014-4116; CVE-2014-6325; CVE-2014-6365; CVE-2015-1636; CVE-2015-1640; CVE-2015-1757)

...

4.3CVSS6.4AI score0.24698EPSS
Exploits1
Rows per page
Query Builder