Vulnerabilities > Microsoft > Identity Manager > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-02-26 | CVE-2018-0908 | Cross-site Scripting vulnerability in Microsoft Identity Manager 2016 Microsoft Identity Manager 2016 SP1 allows an attacker to gain elevated privileges when it does not properly sanitize a specially crafted attribute value being displayed to a user on an affected MIM 2016 server, aka "Microsoft Identity Manager XSS Elevation of Privilege Vulnerability." | 6.1 |