Microsoft Team Foundation Server
11 CVEs affecting Microsoft Team Foundation Server. Latest disclosed: 2020-03-12. Critical: 1, High: 1.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2019-1072 | Critical | 9.8 | 2019-07-15 | A remote code execution vulnerability exists when Azure DevOps Server and Team Foundation Server (TFS) improperly handle user input, aka 'Azure DevOps Server a… |
CVE-2020-0758 | High | 7.5 | 2020-03-12 | An elevation of privilege vulnerability exists when Azure DevOps Server and Team Foundation Services improperly handle pipeline job tokens, aka 'Azure DevOps S… |
CVE-2019-0871 | Medium | 6.1 | 2019-04-09 | A Cross-site Scripting (XSS) vulnerability exists when Azure DevOps Server and Team Foundation Server do not properly sanitize user provided input, aka 'Azure… |
CVE-2019-0870 | Medium | 6.1 | 2019-04-09 | A Cross-site Scripting (XSS) vulnerability exists when Azure DevOps Server and Team Foundation Server do not properly sanitize user provided input, aka 'Azure… |
CVE-2019-0868 | Medium | 6.1 | 2019-04-09 | A Cross-site Scripting (XSS) vulnerability exists when Azure DevOps Server and Team Foundation Server do not properly sanitize user provided input, aka 'Azure… |
CVE-2019-0866 | Medium | 6.1 | 2019-04-09 | A Cross-site Scripting (XSS) vulnerability exists when Azure DevOps Server and Team Foundation Server do not properly sanitize user provided input, aka 'Azure… |
CVE-2020-0700 | Medium | 5.4 | 2020-03-12 | A Cross-site Scripting (XSS) vulnerability exists when Azure DevOps Server does not properly sanitize user provided input, aka 'Azure DevOps Server Cross-site… |
CVE-2019-1305 | Medium | 5.4 | 2019-09-11 | A Cross-site Scripting (XSS) vulnerability exists when Team Foundation Server does not properly sanitize user provided input, aka 'Team Foundation Server Cross… |
CVE-2019-0979 | Medium | 5.4 | 2019-05-16 | A Cross-site Scripting (XSS) vulnerability exists when Azure DevOps Server and Team Foundation Server do not properly sanitize user provided input, aka 'Azure… |
CVE-2019-0872 | Medium | 5.4 | 2019-05-16 | A Cross-site Scripting (XSS) vulnerability exists when Azure DevOps Server and Team Foundation Server do not properly sanitize user provided input, aka 'Azure… |
CVE-2019-0777 | Medium | 5.4 | 2019-04-09 | A Cross-site Scripting (XSS) vulnerability exists when Team Foundation Server does not properly sanitize user provided input, aka 'Team Foundation Server Cross… |