14Oca
CVE-2025-21193 | Microsoft Windows Active Directory Federation Server cross-site request forgery
A vulnerability, which was classified as problematic, has been found in Microsoft Windows Server 2016/Server 2019/Server 2022/Server 2022 23H2/Server 2025. This issue affects some unknown processing of the component Active Directory Federation Server. The manipulation leads to cross-site request forgery. The identification of this vulnerability is CVE-2025-21193. The attack may be initiated remotely. There is no exploit available. It is recommended to apply a patch to fix this issue.