CVE-2019-1273 (windows_10, windows_server_2016, windows_server_2019)

A cross-site-scripting (XSS) vulnerability exists when Active Directory Federation Services (ADFS) does not properly sanitize certain error messages, aka ‘Active Directory Federation Services XSS Vulnerability’.
Source: NIST
CVE-2019-1273 (windows_10, windows_server_2016, windows_server_2019)