CVE-2012-1892

Summary (CVE-2012-1892) : A cross-site scripting (XSS) vulnerability in Microsoft Visual Studio Team Foundation Server 2010 SP1 allows remote attackers to inject arbitrary web script or HTML via an unspecified parameter. The issue stems from improper input handling in the TFS web interface, enabl...

CVE-2013-5042

CVE-2013-5042 is a cross-site scripting (XSS) vulnerability in Microsoft ASP.NET SignalR 1.1.x (before 1.1.4) and 2.0.x (before 2.0.1), and in Visual Studio Team Foundation Server 2013. The weakness allows remote attackers to inject arbitrary web script or HTML via crafted Forever Frame transport...