Microsoft Team Foundation Server 2018

17 CVEs affecting Microsoft Team Foundation Server 2018. Latest disclosed: 2020-03-12. Critical: 2, High: 1.

Top CVEs affecting Microsoft Team Foundation Server 2018
CVESeverityScorePublishedSummary
CVE-2019-1306Critical9.82019-09-11A remote code execution vulnerability exists when Azure DevOps Server (ADO) and Team Foundation Server (TFS) fail to validate input properly, aka 'Azure DevOps…
CVE-2019-1072Critical9.82019-07-15A remote code execution vulnerability exists when Azure DevOps Server and Team Foundation Server (TFS) improperly handle user input, aka 'Azure DevOps Server a…
CVE-2020-0758High7.52020-03-12An elevation of privilege vulnerability exists when Azure DevOps Server and Team Foundation Services improperly handle pipeline job tokens, aka 'Azure DevOps S…
CVE-2019-0971Medium6.52019-05-16An information disclosure vulnerability exists when Azure DevOps Server and Microsoft Team Foundation Server do not properly sanitize a specially crafted authe…
CVE-2019-0871Medium6.12019-04-09A Cross-site Scripting (XSS) vulnerability exists when Azure DevOps Server and Team Foundation Server do not properly sanitize user provided input, aka 'Azure…
CVE-2019-0870Medium6.12019-04-09A Cross-site Scripting (XSS) vulnerability exists when Azure DevOps Server and Team Foundation Server do not properly sanitize user provided input, aka 'Azure…
CVE-2019-0868Medium6.12019-04-09A Cross-site Scripting (XSS) vulnerability exists when Azure DevOps Server and Team Foundation Server do not properly sanitize user provided input, aka 'Azure…
CVE-2019-0867Medium6.12019-04-09A Cross-site Scripting (XSS) vulnerability exists when Azure DevOps Server and Team Foundation Server do not properly sanitize user provided input, aka 'Azure…
CVE-2019-0866Medium6.12019-04-09A Cross-site Scripting (XSS) vulnerability exists when Azure DevOps Server and Team Foundation Server do not properly sanitize user provided input, aka 'Azure…
CVE-2020-0700Medium5.42020-03-12A Cross-site Scripting (XSS) vulnerability exists when Azure DevOps Server does not properly sanitize user provided input, aka 'Azure DevOps Server Cross-site…
CVE-2019-1305Medium5.42019-09-11A Cross-site Scripting (XSS) vulnerability exists when Team Foundation Server does not properly sanitize user provided input, aka 'Team Foundation Server Cross…
CVE-2019-1076Medium5.42019-07-15A Cross-site Scripting (XSS) vulnerability exists when Team Foundation Server does not properly sanitize user provided input, aka 'Team Foundation Server Cross…
CVE-2019-0979Medium5.42019-05-16A Cross-site Scripting (XSS) vulnerability exists when Azure DevOps Server and Team Foundation Server do not properly sanitize user provided input, aka 'Azure…
CVE-2019-0872Medium5.42019-05-16A Cross-site Scripting (XSS) vulnerability exists when Azure DevOps Server and Team Foundation Server do not properly sanitize user provided input, aka 'Azure…
CVE-2019-0777Medium5.42019-04-09A Cross-site Scripting (XSS) vulnerability exists when Team Foundation Server does not properly sanitize user provided input, aka 'Team Foundation Server Cross…
CVE-2019-0743Medium5.42019-03-05A Cross-site Scripting (XSS) vulnerability exists when Team Foundation Server does not properly sanitize user provided input, aka 'Team Foundation Server Cross…
CVE-2019-0742Medium5.42019-03-05A Cross-site Scripting (XSS) vulnerability exists when Team Foundation Server does not properly sanitize user provided input, aka 'Team Foundation Server Cross…