QwikSec

Security Database

CVE

CWE

Training

CVE-2018-0908

Published: Feb 26, 2018

Modified: Sep 16, 2024

PUBLISHED

Description

Microsoft Identity Manager 2016 SP1 allows an attacker to gain elevated privileges when it does not properly sanitize a specially crafted attribute value being displayed to a user on an affected MIM 2016 server, aka "Microsoft Identity Manager XSS Elevation of Privilege Vulnerability."

Vendor	Product	Versions
Microsoft Corporation	Microsoft Identity Manager	affected `Microsoft Identity Manager 2016 SP1`

References

vdb-entry

x_refsource_BID

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0908

x_refsource_CONFIRM

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.