248 matches found
KLA11998 Multiple vulnerabilities in Microsoft Developer Tools
Multiple vulnerabilities were found in Microsoft Developer Tools. Malicious users can exploit these vulnerabilities to spoof user interface, execute arbitrary code. Below is a complete list of vulnerabilities: 1. A spoofing vulnerability in Azure DevOps Server and Team Foundation Services can be...
Microsoft Azure DevOps Server Cross-Site Scripting Vulnerability (CNVD-2020-45312)
Microsoft Azure DevOps Server is a suite of software development collaboration tools from Microsoft Corporation USA. The product includes features such as sharing code, work tracking, and software distribution. A cross-site scripting vulnerability exists in Microsoft Azure DevOps Server versions...
CVE-2020-1326
A Cross-site Scripting XSS vulnerability exists when Azure DevOps Server does not properly sanitize user provided input, aka 'Azure DevOps Server Cross-site Scripting Vulnerability'...
CVE-2020-1326
A Cross-site Scripting XSS vulnerability exists when Azure DevOps Server does not properly sanitize user provided input, aka 'Azure DevOps Server Cross-site Scripting Vulnerability'...
CVE-2020-1326
A Cross-site Scripting XSS vulnerability exists when Azure DevOps Server does not properly sanitize user provided input, aka 'Azure DevOps Server Cross-site Scripting Vulnerability'...
Azure DevOps Server Cross-site Scripting Vulnerability
A Cross-site Scripting XSS vulnerability exists when Azure DevOps Server does not properly sanitize user provided input. An authenticated attacker could exploit the vulnerability by sending a specially crafted payload to the Azure DevOps Server, which will get executed in the context of the user...
Security Updates for Microsoft Team Foundation Server and Azure DevOps Server (July 2020)
The Microsoft Team Foundation Server or Azure DevOps Server is missing security updates. It is, therefore, affected by a cross-site scripting XSS vulnerability due to not properly sanitizing user-provided input. An authenticated, remote attacker can exploit this by sending a specially-crafted...
KLA11859 Multiple vulnerabilities in Microsoft Developer Tools
Multiple vulnerabilities were found in Microsoft Developer Tools. Malicious users can exploit these vulnerabilities to gain privileges, execute arbitrary code, spoof user interface. Below is a complete list of vulnerabilities: 1. An elevation of privilege vulnerability in Windows Diagnostics Hub...
CVE-2020-1327
A spoofing vulnerability exists in Microsoft Azure DevOps Server when it fails to properly handle web requests, aka 'Azure DevOps Server HTML Injection Vulnerability'...
CVE-2020-1327
A spoofing vulnerability exists in Microsoft Azure DevOps Server when it fails to properly handle web requests, aka 'Azure DevOps Server HTML Injection Vulnerability'...
Design/Logic Flaw
A spoofing vulnerability exists in Microsoft Azure DevOps Server when it fails to properly handle web requests, aka 'Azure DevOps Server HTML Injection Vulnerability'...
CVE-2020-1327
A spoofing vulnerability exists in Microsoft Azure DevOps Server when it fails to properly handle web requests, aka 'Azure DevOps Server HTML Injection Vulnerability'...
CVE-2020-0815
An elevation of privilege vulnerability exists when Azure DevOps Server and Team Foundation Services improperly handle pipeline job tokens, aka 'Azure DevOps Server and Team Foundation Services Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0758...
CVE-2020-0758
An elevation of privilege vulnerability exists when Azure DevOps Server and Team Foundation Services improperly handle pipeline job tokens, aka 'Azure DevOps Server and Team Foundation Services Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0815...
CVE-2020-0700
A Cross-site Scripting XSS vulnerability exists when Azure DevOps Server does not properly sanitize user provided input, aka 'Azure DevOps Server Cross-site Scripting Vulnerability'...
CVE-2020-0758
An elevation of privilege vulnerability exists when Azure DevOps Server and Team Foundation Services improperly handle pipeline job tokens, aka 'Azure DevOps Server and Team Foundation Services Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0815...
Privilege escalation
An elevation of privilege vulnerability exists when Azure DevOps Server and Team Foundation Services improperly handle pipeline job tokens, aka 'Azure DevOps Server and Team Foundation Services Elevation of Privilege Vulnerability'. This CVE ID is unique from CVE-2020-0815...
CVE-2020-0700
A Cross-site Scripting XSS vulnerability exists when Azure DevOps Server does not properly sanitize user provided input, aka 'Azure DevOps Server Cross-site Scripting Vulnerability'...
CVE-2020-0700
CVE-2020-0700 is a Cross-site Scripting (XSS) vulnerability in Azure DevOps Server where user input is not properly sanitized. The underlying issue is improper sanitization of inputs, allowing an authenticated attacker to send a crafted payload that executes in the context of the current user whe...
Microsoft Azure DevOps Server and Microsoft Team Foundation Server Elevation of Privilege Vulnerability (CNVD-2020-28437)
Microsoft Team Foundation Server and Microsoft Azure DevOps Server are both products of Microsoft Corporation, U.S.A. Microsoft Team Foundation Server is a suite of Application Lifecycle Management ALM tools Microsoft Team Foundation Server is an application lifecycle management ALM suite of tool...