2 matches found
CVE-2019-1305
CVE-2019-1305 is a Cross-site Scripting (XSS) vulnerability in Team Foundation Server/Azure DevOps Server where user input is not properly sanitized. An authenticated attacker can send a crafted payload that executes in the user’s browser, enabling theft of credentials, reading restricted content...
KLA11554 Multiple vulnerabilities in Microsoft Developer tools
Multiple vulnerabilities were found in Microsoft Developer tools. Malicious users can exploit these vulnerabilities to gain privileges, cause denial of service, execute arbitrary code, spoof user interface, obtain sensitive information. Below is a complete list of vulnerabilities: 1. An elevation...