Download
| Alert*
oval:org.secpod.oval:def:50796
Microsoft Visual Studio Team Foundation Server 2018 Update 2 is installed oval:org.secpod.oval:def:50208 Microsoft Visual Studio Team Foundation Server 2018 Update 3.2 is installed oval:org.secpod.oval:def:50207 Microsoft Visual Studio Team Foundation Server 2018 Update 1.2 is installed oval:org.secpod.oval:def:58556 A Cross-site Scripting (XSS) vulnerability exists when Team Foundation Server does not properly sanitize user provided input. An authenticated attacker could exploit the vulnerability by sending a specially crafted payload to the Team Foundation Server, which will get executed in the context of the ... oval:org.secpod.oval:def:54256 A Cross-site Scripting (XSS) vulnerability exists when Azure DevOps Server and Team Foundation Server do not properly sanitize user provided input. An authenticated attacker could exploit the vulnerability by sending a specially crafted payload to an Azure DevOps server or a Team Foundation server, ... oval:org.secpod.oval:def:54700 A Cross-site Scripting (XSS) vulnerability exists when Azure DevOps Server and Team Foundation Server do not properly sanitize user provided input. An authenticated attacker could exploit the vulnerability by sending a specially crafted payload to an Azure DevOps server or a Team Foundation server, ... oval:org.secpod.oval:def:50209 The host is installed with Team Foundation Server 2018 Update 1.1 or Update 3 and is prone to a remote code execution vulnerability. The application fails to handle issues in authorization between TSF and search services. On successful exploitation, an attacker could run certain commands on the sear ... oval:org.secpod.oval:def:54260 A Cross-site Scripting (XSS) vulnerability exists when Azure DevOps Server and Team Foundation Server do not properly sanitize user provided input. An authenticated attacker could exploit the vulnerability by sending a specially crafted payload to an Azure DevOps server or a Team Foundation server, ... oval:org.secpod.oval:def:54261 A Cross-site Scripting (XSS) vulnerability exists when Azure DevOps Server and Team Foundation Server do not properly sanitize user provided input. An authenticated attacker could exploit the vulnerability by sending a specially crafted payload to an Azure DevOps server or a Team Foundation server, ... oval:org.secpod.oval:def:54699 A Cross-site Scripting (XSS) vulnerability exists when Azure DevOps Server and Team Foundation Server do not properly sanitize user provided input. An authenticated attacker could exploit the vulnerability by sending a specially crafted payload to an Azure DevOps server or a Team Foundation server, ... oval:org.secpod.oval:def:54257 A Cross-site Scripting (XSS) vulnerability exists when Azure DevOps Server and Team Foundation Server do not properly sanitize user provided input. An authenticated attacker could exploit the vulnerability by sending a specially crafted payload to an Azure DevOps server or a Team Foundation server, ... oval:org.secpod.oval:def:54258 A Cross-site Scripting (XSS) vulnerability exists when Azure DevOps Server and Team Foundation Server do not properly sanitize user provided input. An authenticated attacker could exploit the vulnerability by sending a specially crafted payload to an Azure DevOps server or a Team Foundation server, ... oval:org.secpod.oval:def:51369 A Cross-site Scripting (XSS) vulnerability exists when Team Foundation Server does not properly sanitize user provided input. An authenticated attacker could exploit the vulnerability by sending a specially crafted payload to the Team Foundation Server, which will get executed in the context of the ... oval:org.secpod.oval:def:50797 A Cross-site Scripting (XSS) vulnerability exists when Team Foundation Server does not properly sanitize user provided input. An authenticated attacker could exploit the vulnerability by sending a specially crafted payload to the Team Foundation Server, which will get executed in the context of the ... oval:org.secpod.oval:def:50798 A Cross-site Scripting (XSS) vulnerability exists when Team Foundation Server does not properly sanitize user provided input. An authenticated attacker could exploit the vulnerability by sending a specially crafted payload to the Team Foundation Server, which will get executed in the context of the ... oval:org.secpod.oval:def:50206 The host is installed with Team Foundation 2018 Server Update 1.1 or Update 3 and is prone to a cross-site scripting vulnerability. The application fails to properly sanitize user provided input. On successful exploitation, an attacker could send a specially crafted payload to the Team Foundation Se ... oval:org.secpod.oval:def:58557 A Cross-site Scripting (XSS) vulnerability exists when Team Foundation Server does not properly sanitize user provided input. An authenticated attacker could exploit the vulnerability by sending a specially crafted payload to the Team Foundation Server, which will get executed in the context of the ... oval:org.secpod.oval:def:54698 An information disclosure vulnerability exists when Azure DevOps Server and Microsoft Team Foundation Server do not properly sanitize a specially crafted authentication request to an affected server. An attacker who successfully exploited this vulnerability could execute malicious code on a vulnerab ... oval:org.secpod.oval:def:57360 A Cross-site Scripting (XSS) vulnerability exists when Team Foundation Server does not properly sanitize user provided input. An authenticated attacker could exploit the vulnerability by sending a specially crafted payload to the Team Foundation Server, which will get executed in the context of the ... oval:org.secpod.oval:def:49165 The host is installed with Team Foundation Server 2018 Update 1.1 or Update 3 and is prone to a remote code execution vulnerability. The application fails to handle issues in authorization between TSF and search services. On successful exploitation, an attacker could run certain commands on the sear ... oval:org.secpod.oval:def:49166 Microsoft Visual Studio Team Foundation Server 2018 Update 1.1 is installed oval:org.secpod.oval:def:49167 Microsoft Visual Studio Team Foundation Server 2018 Update 3 is installed oval:org.secpod.oval:def:49168 The host is installed with Team Foundation 2018 Server Update 1.1 or Update 3 and is prone to a cross-site scripting vulnerability. The application fails to properly sanitize user provided input. On successful exploitation, an attacker could send a specially crafted payload to the Team Foundation Se ... oval:org.secpod.oval:def:49172 Microsoft Visual Studio Team Foundation Server 2018 is installed oval:org.secpod.oval:def:49170 Microsoft Visual Studio Team Foundation Server 2018 Update 3.1 is installed oval:org.secpod.oval:def:61986 A Cross-site Scripting (XSS) vulnerability exists when Azure DevOps Server does not properly sanitize user provided input. An authenticated attacker could exploit the vulnerability by sending a specially crafted payload to the Team Foundation Server, which will get executed in the context of the use ... oval:org.secpod.oval:def:61985 An elevation of privilege vulnerability exists when Azure DevOps Server and Team Foundation Services improperly handle pipeline job tokens. An attacker who successfully exploited this vulnerability could extend their access to a project. To exploit this vulnerability, an attacker would first have to ... oval:org.secpod.oval:def:57358 A remote code execution vulnerability exists when Azure DevOps Server and Team Foundation Server (TFS) improperly handle user input. An attacker who successfully exploited the vulnerability could execute code on the target server in the context of the DevOps or TFS service account. To exploit the vu ... |