Vulnerabilities > Microsoft > Azure Devops Server

DATE CVE VULNERABILITY TITLE RISK
2019-04-09 CVE-2019-0867 Cross-site Scripting vulnerability in Microsoft Azure Devops Server and Team Foundation Server
A Cross-site Scripting (XSS) vulnerability exists when Azure DevOps Server and Team Foundation Server do not properly sanitize user provided input, aka 'Azure DevOps Server and Team Foundation Server Cross-site Scripting Vulnerability'.
network
low complexity
microsoft CWE-79
6.1
2019-04-09 CVE-2019-0866 Cross-site Scripting vulnerability in Microsoft Azure Devops Server and Team Foundation Server
A Cross-site Scripting (XSS) vulnerability exists when Azure DevOps Server and Team Foundation Server do not properly sanitize user provided input, aka 'Azure DevOps Server and Team Foundation Server Cross-site Scripting Vulnerability'.
network
low complexity
microsoft CWE-79
6.1
2019-04-09 CVE-2019-0857 Improper Encoding or Escaping of Output vulnerability in Microsoft Azure Devops Server 2019
A spoofing vulnerability that could allow a security feature bypass exists in when Azure DevOps Server does not properly sanitize user provided input, aka 'Azure DevOps Server Spoofing Vulnerability'.
network
low complexity
microsoft CWE-116
6.5