Microsoft Active Directory Federation Services XSS Elevation Of Privilege Vulnerability (CVE-2015-1757)
Gravité: : Élevé
Identifiant(s) CVE: : 2015-1757,MS15-062
Description
Cross-site scripting (XSS) vulnerability in Microsoft Active Directory Federation Services allows remote attackers to inject arbitrary web script or HTML via a crafted request.
Information Exposure Rating:
Apply associated Trend Micro DPI Rules.
Solutions
Trend Micro Deep Security DPI Rule Number: 1000552
Trend Micro Deep Security DPI Rule Name: 1000552 - Generic Cross Site Scripting(XSS) Prevention
Affected software and version:
- Active Directory Federation Services