4 matches found
CVE-2019-0871
A Cross-site Scripting XSS vulnerability exists when Azure DevOps Server and Team Foundation Server do not properly sanitize user provided input, aka 'Azure DevOps Server and Team Foundation Server Cross-site Scripting Vulnerability'. This CVE ID is unique from CVE-2019-0866, CVE-2019-0867,...
Cross site scripting
A Cross-site Scripting XSS vulnerability exists when Azure DevOps Server and Team Foundation Server do not properly sanitize user provided input, aka 'Azure DevOps Server and Team Foundation Server Cross-site Scripting Vulnerability'. This CVE ID is unique from CVE-2019-0866, CVE-2019-0868,...
CVE-2019-0871
Azure DevOps Server and Team Foundation Server are affected by a cross-site scripting (XSS) vulnerability due to insufficient validation of user-supplied input. An attacker could exploit this to run scripts in the security context of the current user. CNVD entries describe the issue but do not pr...
Security Updates for Microsoft Team Foundation Server / Azure DevOps Server (April 2019)
The Microsoft Team Foundation Server or Azure DevOps Server installation on the remote host is missing a security update. It is, therefore, affected by multiple vulnerabilities : - An elevation of privilege vulnerability exists when Azure DevOps Server 2019 does not properly enforce project...