3 matches found
CVE-2019-0874
A Cross-site Scripting XSS vulnerability exists when Azure DevOps Server does not properly sanitize user provided input, aka 'Azure DevOps Server Cross-site Scripting Vulnerability'...
CVE-2019-0874
CVE-2019-0874 is an XSS vulnerability in Microsoft Azure DevOps Server (and Team Foundation Server variants) caused by inadequate sanitization of user input. Exploitation could occur when an authenticated user is served a crafted payload, allowing client-side script execution in the context of th...
Security Updates for Microsoft Team Foundation Server / Azure DevOps Server (April 2019)
The Microsoft Team Foundation Server or Azure DevOps Server installation on the remote host is missing a security update. It is, therefore, affected by multiple vulnerabilities : - An elevation of privilege vulnerability exists when Azure DevOps Server 2019 does not properly enforce project...