Description
Active Directory Federation Server Spoofing Vulnerability
FAQ
How could an attacker exploit this vulnerability?
ADFS (Active Directory Federation Services) is vulnerable to cross-site scripting through the post-logout redirect URI during the logout redirect request. An attacker who successfully exploited this vulnerability could leave an application that uses this ADFS library vulnerable to common XSS attacks.
Updates
Product | Article | Update |
---|---|---|
Windows Server 2016 | | |
Windows Server 2016 (Server Core installation) | | |
Windows Server 2019 | | |
Windows Server 2019 (Server Core installation) | | |
Windows Server, version 2004 (Server Core installation) | | |
Windows Server, version 20H2 (Server Core Installation) | | |
Windows Server 2022 | | |
Windows Server 2022 (Server Core installation) | | |
Exploitability
Publicly Disclosed
Exploited
Latest Software Release
Older Software Release
DOS
EPSS
5.4 Medium
CVSS3
Related vulnerabilities
Active Directory Federation Server Spoofing Vulnerability
A vulnerability in the Active Directory Federation Services (AD FS) service of Microsoft Windows operating systems that allows an attacker to conduct spoofing attacks