Microsoft · Active Directory Federation Services · CVE-2025-21193
**Name of the Vulnerable Software and Affected Versions**
Active Directory Federation Server (affected versions not specified)
**Description**
The issue is related to a spoofing vulnerability in the Active Directory Federation Server component of the Windows operating system, which is associated with cross-site request forgery (CSRF) attacks. This vulnerability can be exploited by a remote attacker to carry out a CSRF attack.
**Recommendations**
At the moment, there is no information about a newer version that contains a fix for this vulnerability.