QwikSec

Security Database

CVE

CWE

Training

CVE Database
/

CVE-2019-1305

Back to search

CVE-2019-1305

Published: Sep 11, 2019

Modified: Aug 4, 2024

PUBLISHED

Description

A Cross-site Scripting (XSS) vulnerability exists when Team Foundation Server does not properly sanitize user provided input, aka 'Team Foundation Server Cross-site Scripting Vulnerability'.

VendorProductVersions

Microsoft

Team Foundation Server

affected
2017 Update 3.1

Microsoft

Team Foundation Server 2018

affected
Update 1.2
affected
Update 3.2

Microsoft

Team Foundation Server 2015

affected
Update 4.2

Microsoft

Azure DevOps Server

affected
2019.0.1

References

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now