Microsoft Visual Studio Team Foundation Server跨站脚本执行漏洞（MS12-061)

BUGTRAQ ID: 55409 CVE ID: CVE-2012-1892 Microsoft Visual Studio Team Foundation Server是微软应用生命周期管理解决方案的核心协作平台，可实现软件递送流程自动化，包括有效管理软件开发项目的工具。 Microsoft Visual Studio Team Foundation Server存在反射XSS漏洞,可允许攻击者注入客户端脚本到IE的用户实例中或所有通过Team Foundation Server Web访问的Web浏览器中。该脚本可欺骗内容、泄露信息、以目标用户权限执行任意操作。 0 Microso...

CVE-2012-1892

Summary (CVE-2012-1892) : A cross-site scripting (XSS) vulnerability in Microsoft Visual Studio Team Foundation Server 2010 SP1 allows remote attackers to inject arbitrary web script or HTML via an unspecified parameter. The issue stems from improper input handling in the TFS web interface, enabl...

Microsoft Visual Studio Team Foundation Server XSS (MS12-061; CVE-2012-1892)

A reflected XSS vulnerability has been reported in Visual Studio Team Foundation Server...