CVE-2018-16794

Microsoft ADFS 4.0 Windows Server 2016 and previous (Active Directory Federation Services) has an SSRF vulnerability via the txtBoxEmail parameter in /adfs/ls.

Date published : 2018-09-18

http://www.securityfocus.com/bid/105378

https://seclists.org/bugtraq/2018/Sep/26