CVE-2018-8602

2018-11-1401:00:00

microsoft

www.cve.org

AI Score

5.5

Confidence

High

EPSS

0.001

Percentile

23.2%

JSON

A Cross-site Scripting (XSS) vulnerability exists when Team Foundation Server does not properly sanitize user provided input, aka “Team Foundation Server Cross-site Scripting Vulnerability.” This affects Team.

CNA Affected

[
  {
    "product": "Team",
    "vendor": "Microsoft",
    "versions": [
      {
        "status": "affected",
        "version": "Foundation Server 2017 Update 3.1"
      },
      {
        "status": "affected",
        "version": "Foundation Server 2018 Update 1.1"
      },
      {
        "status": "affected",
        "version": "Foundation Server 2018 Update 3"
      },
      {
        "status": "affected",
        "version": "Foundation Server 2018 Update 3.1"
      }
    ]
  }
]