Microsoft Team Foundation Server

11 CVEs affecting Microsoft Team Foundation Server. Latest disclosed: 2020-03-12. Critical: 1, High: 1.

Top CVEs affecting Microsoft Team Foundation Server
CVESeverityScorePublishedSummary
CVE-2019-1072Critical9.82019-07-15A remote code execution vulnerability exists when Azure DevOps Server and Team Foundation Server (TFS) improperly handle user input, aka 'Azure DevOps Server a…
CVE-2020-0758High7.52020-03-12An elevation of privilege vulnerability exists when Azure DevOps Server and Team Foundation Services improperly handle pipeline job tokens, aka 'Azure DevOps S…
CVE-2019-0871Medium6.12019-04-09A Cross-site Scripting (XSS) vulnerability exists when Azure DevOps Server and Team Foundation Server do not properly sanitize user provided input, aka 'Azure…
CVE-2019-0870Medium6.12019-04-09A Cross-site Scripting (XSS) vulnerability exists when Azure DevOps Server and Team Foundation Server do not properly sanitize user provided input, aka 'Azure…
CVE-2019-0868Medium6.12019-04-09A Cross-site Scripting (XSS) vulnerability exists when Azure DevOps Server and Team Foundation Server do not properly sanitize user provided input, aka 'Azure…
CVE-2019-0866Medium6.12019-04-09A Cross-site Scripting (XSS) vulnerability exists when Azure DevOps Server and Team Foundation Server do not properly sanitize user provided input, aka 'Azure…
CVE-2020-0700Medium5.42020-03-12A Cross-site Scripting (XSS) vulnerability exists when Azure DevOps Server does not properly sanitize user provided input, aka 'Azure DevOps Server Cross-site…
CVE-2019-1305Medium5.42019-09-11A Cross-site Scripting (XSS) vulnerability exists when Team Foundation Server does not properly sanitize user provided input, aka 'Team Foundation Server Cross…
CVE-2019-0979Medium5.42019-05-16A Cross-site Scripting (XSS) vulnerability exists when Azure DevOps Server and Team Foundation Server do not properly sanitize user provided input, aka 'Azure…
CVE-2019-0872Medium5.42019-05-16A Cross-site Scripting (XSS) vulnerability exists when Azure DevOps Server and Team Foundation Server do not properly sanitize user provided input, aka 'Azure…
CVE-2019-0777Medium5.42019-04-09A Cross-site Scripting (XSS) vulnerability exists when Team Foundation Server does not properly sanitize user provided input, aka 'Team Foundation Server Cross…