Microsoft Azure DevOps Server and Team Foundation Server Cross Site Scripting Vulnerability

Bugtraq ID: 107749
Class: Input Validation Error
CVE: CVE-2019-0866
Remote: Yes
Local: No
Published: Apr 09 2019 12:00AM
Updated: Apr 09 2019 12:00AM
Credit: Mikhail Shcherbakov of KTH Royal Institute of Technology.
Vulnerable: Microsoft Team Foundation Server 2018 Update 3.2
Microsoft Team Foundation Server 2018 Update 1.2
Microsoft Team Foundation Server 2017 Update 3.1
Microsoft Team Foundation Server 2015 Update 4.2
Microsoft Azure DevOps Server 2019 0
Not Vulnerable:


 

Privacy Statement
Copyright 2010, SecurityFocus