vulnerability

Microsoft Windows: CVE-2019-1273: Active Directory Federation Services XSS Vulnerability

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
4	(AV:N/AC:M/Au:S/C:N/I:P/A:N)	Sep 10, 2019	Sep 10, 2019	Sep 5, 2025

Severity

CVSS

(AV:N/AC:M/Au:S/C:N/I:P/A:N)

Published

Sep 10, 2019

Added

Sep 10, 2019

Modified

Sep 5, 2025

Description

A cross-site-scripting (XSS) vulnerability exists when Active Directory Federation Services (ADFS) does not properly sanitize certain error messages, aka 'Active Directory Federation Services XSS Vulnerability'.

Solutions

microsoft-windows-windows_10-1803-kb4516058microsoft-windows-windows_10-1809-kb4512578microsoft-windows-windows_10-1903-kb4515384microsoft-windows-windows_server_2019-1809-kb4512578msft-kb4515384-1fec8c01-d96f-4692-9c3f-533f1966ba0f

References

CVE-2019-1273
https://attackerkb.com/topics/CVE-2019-1273
CWE-79
URL-https://support.microsoft.com/help/4512578
URL-https://support.microsoft.com/help/4515384
URL-https://support.microsoft.com/help/4516058

NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today