CVE-2018-8326

Summary

A cross-site-scripting (XSS) vulnerability exists when an open source customization for Microsoft Active Directory Federation Services (AD FS) does not properly sanitize a specially crafted web request to an affected AD FS server, aka "Open Source Customization for Active Directory Federation Services XSS Vulnerability." This affects Web Customizations.

Affected Software

VendorProductVersion RangeStatus
MicrosoftWeb CustomizationsActive Directory Federation Servicesaffected

Weaknesses

  • Spoofing

ADP Enrichment

CVE Program Container

Additional References

References