Medium severity6.1NVD Advisory· Published Feb 26, 2018· Updated Jun 17, 2026
CVE-2018-0908
CVE-2018-0908
Description
Microsoft Identity Manager 2016 SP1 allows an attacker to gain elevated privileges when it does not properly sanitize a specially crafted attribute value being displayed to a user on an affected MIM 2016 server, aka "Microsoft Identity Manager XSS Elevation of Privilege Vulnerability."
Affected products
2- Range: SP1
- Microsoft Corporation/Microsoft Identity Managerv5Range: Microsoft Identity Manager 2016 SP1
Patches
Vulnerability mechanics
References
2- portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0908nvdPatchVendor Advisory
- www.securityfocus.com/bid/103112nvdThird Party AdvisoryVDB Entry
News mentions
0No linked articles in our index yet.