Microsoft Active Directory Federation Services XSS Elevation Of Privilege Vulnerability (CVE-2015-1757)
Publish Date: 05 de października de 2016
Severity: : High
CVE Kennungen: : 2015-1757,MS15-062
DESCRIPTION
Cross-site scripting (XSS) vulnerability in Microsoft Active Directory Federation Services allows remote attackers to inject arbitrary web script or HTML via a crafted request.
INFORMATION EXPOSURE
Apply associated Trend Micro DPI Rules.
SOLUTION
Trend Micro Deep Security DPI Rule Number: 1000552
Trend Micro Deep Security DPI Rule Name: 1000552 - Generic Cross Site Scripting(XSS) Prevention
AFFECTED SOFTWARE AND VERSION:
- Active Directory Federation Services