1382 matches found
Information disclosure
An information disclosure vulnerability exists when Azure DevOps Server and Microsoft Team Foundation Server do not properly sanitize a specially crafted authentication request to an affected server, aka 'Azure DevOps Server and Team Foundation Server Information Disclosure Vulnerability'...
Cross site scripting
A Cross-site Scripting XSS vulnerability exists when Azure DevOps Server and Team Foundation Server do not properly sanitize user provided input, aka 'Azure DevOps Server and Team Foundation Server Cross-site Scripting Vulnerability'. This CVE ID is unique from CVE-2019-0979...
CVE-2019-0971
An information disclosure vulnerability exists when Azure DevOps Server and Microsoft Team Foundation Server do not properly sanitize a specially crafted authentication request to an affected server, aka 'Azure DevOps Server and Team Foundation Server Information Disclosure Vulnerability'...
CVE-2019-0979
Technical details (affected products, versions, root cause, exploitability) are not publicly provided in the connected documents; monitor for updates.
CVE-2019-0971
CVE-2019-0971 affects Azure DevOps Server and Team Foundation Server. It is an information disclosure vulnerability caused by improper sanitization of a specially crafted authentication request, allowing an authenticated attacker to perform server-side requests and access sensitive information. T...
CVE-2019-0979
A Cross-site Scripting XSS vulnerability exists when Azure DevOps Server and Team Foundation Server do not properly sanitize user provided input, aka 'Azure DevOps Server and Team Foundation Server Cross-site Scripting Vulnerability'. This CVE ID is unique from CVE-2019-0872...
CVE-2019-0872
A Cross-site Scripting XSS vulnerability exists when Azure DevOps Server and Team Foundation Server do not properly sanitize user provided input, aka 'Azure DevOps Server and Team Foundation Server Cross-site Scripting Vulnerability'. This CVE ID is unique from CVE-2019-0979...
CVE-2019-0872
CVE-2019-0872 is an XSS vulnerability in Microsoft’s Azure DevOps Server and Team Foundation Server caused by improper sanitization/validation of client-side input in the WEB application. The linked Red Hat entry confirms the root cause as a lack of proper input validation leading to cross-site s...
Microsoft Team Foundation Server and Microsoft Azure DevOps Server Information Disclosure Vulnerability
Microsoft Team Foundation Server and Microsoft Azure DevOps Server are both products of Microsoft Corporation, U.S.A. Microsoft Team Foundation Server is a suite of Application Lifecycle Management ALM tools Microsoft Team Foundation Server is an application lifecycle management ALM suite of tool...
Microsoft Azure DevOps Server and Team Foundation Server Cross-Site Scripting Vulnerability
Microsoft Team Foundation Server and Microsoft Azure DevOps Server are both products of Microsoft Corporation, U.S.A. Microsoft Team Foundation Server is a suite of Application Lifecycle Management ALM tools that provide a platform for team collaboration. Microsoft Team Foundation Server is an...
Security Updates for Microsoft Team Foundation Server / Azure DevOps Server (May 2019)
The Microsoft Team Foundation Server or Azure DevOps Server is missing security updates. It is, therefore, affected by multiple vulnerabilities : - An information disclosure vulnerability exists when Azure DevOps Server and Microsoft Team Foundation Server do not properly sanitize a specially...
Azure DevOps Server and Team Foundation Server Cross-site Scripting Vulnerability
A Cross-site Scripting XSS vulnerability exists when Azure DevOps Server and Team Foundation Server do not properly sanitize user provided input. An authenticated attacker could exploit the vulnerability by sending a specially crafted payload to an Azure DevOps server or a Team Foundation server,...
Azure DevOps Server and Team Foundation Server Information Disclosure Vulnerability
An information disclosure vulnerability exists when Azure DevOps Server and Microsoft Team Foundation Server do not properly sanitize a specially crafted authentication request to an affected server. An attacker who successfully exploited this vulnerability could execute malicious code on a...
Azure DevOps Server and Team Foundation Server Cross-site Scripting Vulnerability
A Cross-site Scripting XSS vulnerability exists when Azure DevOps Server and Team Foundation Server do not properly sanitize user provided input. An authenticated attacker could exploit the vulnerability by sending a specially crafted payload to an Azure DevOps server or a Team Foundation server,...
Microsoft Azure DevOps Server and Team Foundation Server Information Disclosure Vulnerability
Description Microsoft Azure DevOps Server and Team Foundation Server are prone to an information-disclosure vulnerability. Attackers can exploit this issue to obtain sensitive information that may aid in launching further attacks. Technologies Affected Microsoft Azure DevOps Server 2019 Microsoft...
Microsoft Azure DevOps Server and Team Foundation Server Cross Site Scripting Vulnerability
Description Microsoft Azure DevOps Server and Team Foundation Server are prone to an cross-site scripting vulnerability because they fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the...
Microsoft Azure DevOps Server and Team Foundation Server Cross Site Scripting Vulnerability
Description Microsoft Azure DevOps Server and Team Foundation Server are prone to an cross-site scripting vulnerability because they fails to properly sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the...
KLA11485 Multiple vulnerabilities in Microsoft Developer Tools
Multiple vulnerabilities were found in Microsoft Developer Tools. Malicious users can exploit these vulnerabilities to cause denial of service, spoof user interface, gain privileges, bypass security restrictions, obtain sensitive information. Below is a complete list of vulnerabilities: 1. A deni...
The Pitfalls of Keeping Your Ports Wide Open
By David Balaban Based on security assessment results, penetration testers often recommend hiding an enterprise network’s ports behind a whitelist. However, corporate IT teams don’t always understand the need for such a countermeasure. Even some admins and DevOps specialists with tons of experien...
Is your org structure threatening your IT security infrastructure?
5 Tips to Solve API Security Issues in Any IT Security Infrastructure Start listening. Integrating isn’t enough if your teams aren’t talking. In a hyper-competitive environment, keeping up with customer usability demands often means adopting a hyper-agile development process. It’s a dangerous...