Vulnerabilities > Microsoft > Team Foundation Server > Medium

DATE CVE VULNERABILITY TITLE RISK
2019-04-09 CVE-2019-0866 Cross-site Scripting vulnerability in Microsoft Azure Devops Server and Team Foundation Server
A Cross-site Scripting (XSS) vulnerability exists when Azure DevOps Server and Team Foundation Server do not properly sanitize user provided input, aka 'Azure DevOps Server and Team Foundation Server Cross-site Scripting Vulnerability'.
network
low complexity
microsoft CWE-79
6.1
2019-04-09 CVE-2019-0777 Cross-site Scripting vulnerability in Microsoft Team Foundation Server 2017/2018
A Cross-site Scripting (XSS) vulnerability exists when Team Foundation Server does not properly sanitize user provided input, aka 'Team Foundation Server Cross-site Scripting Vulnerability'.
network
low complexity
microsoft CWE-79
5.4
2019-03-05 CVE-2019-0743 Cross-site Scripting vulnerability in Microsoft Team Foundation Server 2018
A Cross-site Scripting (XSS) vulnerability exists when Team Foundation Server does not properly sanitize user provided input, aka 'Team Foundation Server Cross-site Scripting Vulnerability'.
network
low complexity
microsoft CWE-79
5.4
2019-03-05 CVE-2019-0742 Cross-site Scripting vulnerability in Microsoft Team Foundation Server 2018
A Cross-site Scripting (XSS) vulnerability exists when Team Foundation Server does not properly sanitize user provided input, aka 'Team Foundation Server Cross-site Scripting Vulnerability'.
network
low complexity
microsoft CWE-79
5.4
2019-01-17 CVE-2019-0647 Information Exposure vulnerability in Microsoft Team Foundation Server 2017/2018
An information disclosure vulnerability exists when Team Foundation Server does not properly handle variables marked as secret, aka "Team Foundation Server Information Disclosure Vulnerability." This affects Team.
network
low complexity
microsoft CWE-200
6.5
2019-01-17 CVE-2019-0646 Cross-site Scripting vulnerability in Microsoft Team Foundation Server 2018
A Cross-site Scripting (XSS) vulnerability exists when Team Foundation Server does not properly sanitize user provided input, aka "Team Foundation Server Cross-site Scripting Vulnerability." This affects Team.
network
low complexity
microsoft CWE-79
5.4
2018-11-14 CVE-2018-8602 Cross-site Scripting vulnerability in Microsoft Team Foundation Server 2017/2018
A Cross-site Scripting (XSS) vulnerability exists when Team Foundation Server does not properly sanitize user provided input, aka "Team Foundation Server Cross-site Scripting Vulnerability." This affects Team.
network
low complexity
microsoft CWE-79
5.4