Notice: This website is an unofficial Microsoft Knowledge Base (hereinafter KB) archive and is intended to provide a reliable access to deleted content from Microsoft KB. All KB articles are owned by Microsoft Corporation. Read full disclaimer for more details.

XSS filter breaks submission of token for ADAL authentication in Internet Explorer 11


View products that this article applies to.

Symptoms

After you apply security update 3065822 or a later cumulative update for Internet Explorer 11, the cross-site-scripting (XSS) filter may prevent submission of token content that's required in order to perform Active Directory Authentication Library (ADAL) authentication. For example, users may report the display of a hash ("#") symbol on the webpage when they try to access Office 365.

↑ Back to the top


Resolution

To fix this issue, install the most recent cumulative security update for Internet Explorer. To do this, go to Microsoft Update. Additionally, see the technical information about the most recent cumulative security update for Internet Explorer.

Note This update was first included in the MS16-023: Security update for Internet Explorer: March 8, 2016.

↑ Back to the top


Status

Microsoft has confirmed that this is a problem in the Microsoft products that are listed in the "Applies to" section.

↑ Back to the top


References

Learn about the terminology that Microsoft uses to describe software updates.

↑ Back to the top


Keywords: kbqfe, kbsurveynew, kbfix, kbexpertiseinter, kb

↑ Back to the top

Article Info
Article ID : 3144816
Revision : 1
Created on : 1/7/2017
Published on : 3/8/2016
Exists online : False
Views : 220