Download
| Alert*
|
oval:org.secpod.oval:def:54260
A Cross-site Scripting (XSS) vulnerability exists when Azure DevOps Server and Team Foundation Server do not properly sanitize user provided input. An authenticated attacker could exploit the vulnerability by sending a specially crafted payload to an Azure DevOps server or a Team Foundation server, ... oval:org.secpod.oval:def:58556 A Cross-site Scripting (XSS) vulnerability exists when Team Foundation Server does not properly sanitize user provided input. An authenticated attacker could exploit the vulnerability by sending a specially crafted payload to the Team Foundation Server, which will get executed in the context of the ... oval:org.secpod.oval:def:54261 A Cross-site Scripting (XSS) vulnerability exists when Azure DevOps Server and Team Foundation Server do not properly sanitize user provided input. An authenticated attacker could exploit the vulnerability by sending a specially crafted payload to an Azure DevOps server or a Team Foundation server, ... oval:org.secpod.oval:def:54256 A Cross-site Scripting (XSS) vulnerability exists when Azure DevOps Server and Team Foundation Server do not properly sanitize user provided input. An authenticated attacker could exploit the vulnerability by sending a specially crafted payload to an Azure DevOps server or a Team Foundation server, ... oval:org.secpod.oval:def:54699 A Cross-site Scripting (XSS) vulnerability exists when Azure DevOps Server and Team Foundation Server do not properly sanitize user provided input. An authenticated attacker could exploit the vulnerability by sending a specially crafted payload to an Azure DevOps server or a Team Foundation server, ... oval:org.secpod.oval:def:54700 A Cross-site Scripting (XSS) vulnerability exists when Azure DevOps Server and Team Foundation Server do not properly sanitize user provided input. An authenticated attacker could exploit the vulnerability by sending a specially crafted payload to an Azure DevOps server or a Team Foundation server, ... oval:org.secpod.oval:def:54258 A Cross-site Scripting (XSS) vulnerability exists when Azure DevOps Server and Team Foundation Server do not properly sanitize user provided input. An authenticated attacker could exploit the vulnerability by sending a specially crafted payload to an Azure DevOps server or a Team Foundation server, ... oval:org.secpod.oval:def:51369 A Cross-site Scripting (XSS) vulnerability exists when Team Foundation Server does not properly sanitize user provided input. An authenticated attacker could exploit the vulnerability by sending a specially crafted payload to the Team Foundation Server, which will get executed in the context of the ... oval:org.secpod.oval:def:50206 The host is installed with Team Foundation 2018 Server Update 1.1 or Update 3 and is prone to a cross-site scripting vulnerability. The application fails to properly sanitize user provided input. On successful exploitation, an attacker could send a specially crafted payload to the Team Foundation Se ... oval:org.secpod.oval:def:61986 A Cross-site Scripting (XSS) vulnerability exists when Azure DevOps Server does not properly sanitize user provided input. An authenticated attacker could exploit the vulnerability by sending a specially crafted payload to the Team Foundation Server, which will get executed in the context of the use ... oval:org.secpod.oval:def:61985 An elevation of privilege vulnerability exists when Azure DevOps Server and Team Foundation Services improperly handle pipeline job tokens. An attacker who successfully exploited this vulnerability could extend their access to a project. To exploit this vulnerability, an attacker would first have to ... oval:org.secpod.oval:def:49169 Microsoft Visual Studio Team Foundation Server 2017 Update 3.1 is installed oval:org.secpod.oval:def:49168 The host is installed with Team Foundation 2018 Server Update 1.1 or Update 3 and is prone to a cross-site scripting vulnerability. The application fails to properly sanitize user provided input. On successful exploitation, an attacker could send a specially crafted payload to the Team Foundation Se ... oval:org.secpod.oval:def:57358 A remote code execution vulnerability exists when Azure DevOps Server and Team Foundation Server (TFS) improperly handle user input. An attacker who successfully exploited the vulnerability could execute code on the target server in the context of the DevOps or TFS service account. To exploit the vu ... |
