4 matches found
CVE-2015-1757
CVE-2015-1757 is an XSS elevation-of-privilege vulnerability in Microsoft Active Directory Federation Services (AD FS) exposed by wct input in AD FS on Windows Server 2008 SP2, R2 SP1, and Server 2012. The issue, described as cross-site scripting via the wct parameter, can enable a remote attacke...
MS15-062: Vulnerability in Active Directory Federation Services Could Allow Elevation of Privilege (3062577)
The remote Windows host is affected by an XSS elevation of privilege vulnerability in Active Directory Federation Services AD FS due to improper sanitization of user-supplied input. A remote attacker can exploit this by submitting a specially crafted URL to a target site, resulting in the executi...
Microsoft Active Directory Federation Services CVE-2015-1757 Privilege Escalation Vulnerability
Description Microsoft Active Directory Federation Services is prone to a remote privilege-escalation vulnerability because it fails to sanitize user-supplied input. An attacker can exploit this issue to gain elevated privileges and perform unauthorized actions in the context of the currently...
Cross-Site Scripting (CVE-2005-0543; CVE-2014-4075; CVE-2014-4116; CVE-2014-6325; CVE-2014-6365; CVE-2015-1636; CVE-2015-1640; CVE-2015-1757)
...