Visual Studio Live Share Spoofing Vulnerability - CVE-2019-1486ID: oval:org.secpod.oval:def:59892 | Date: (C)2019-12-11 (M)2023-11-10 |
Class: VULNERABILITY | Family: windows |
A spoofing vulnerability exists in Visual Studio Live Share when a guest connected to a Live Share session is redirected to an arbitrary URL specified by the session host. An attacker who successfully exploited this vulnerability could cause a connected guest's computer to open a browser and navigate to a URL without consent from the guest. To exploit the vulnerability, an attacker would need to host a Live Share session and convince a targeted user to connect to the session.
Platform: |
Microsoft Windows 7 |
Microsoft Windows 8.1 |
Microsoft Windows 10 |
Microsoft Windows Server 2008 |
Microsoft Windows Server 2008 R2 |
Microsoft Windows Server 2012 |
Microsoft Windows Server 2012 R2 |
Microsoft Windows Server 2016 |
Microsoft Windows Server 2019 |
Product: |
Microsoft Visual Studio 2019 |