3.5
CVSSv2

CVE-2019-0872

Published: 16/05/2019 Updated: 16/07/2019
CVSS v2 Base Score: 3.5 | Impact Score: 2.9 | Exploitability Score: 6.8
CVSS v3 Base Score: 5.4 | Impact Score: 2.7 | Exploitability Score: 2.3
VMScore: 312
Vector: AV:N/AC:M/Au:S/C:N/I:P/A:N

Vulnerability Summary

A Cross-site Scripting (XSS) vulnerability exists when Azure DevOps Server and Team Foundation Server do not properly sanitize user provided input, aka 'Azure DevOps Server and Team Foundation Server Cross-site Scripting Vulnerability'. This CVE ID is unique from CVE-2019-0979.

Most Upvoted Vulmon Research Post

There is no Researcher post for this vulnerability
Would you like to share something about it? Sign up now to share your knowledge with the community.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

microsoft team foundation server 2015

microsoft team foundation server 2017

microsoft team foundation server 2018

microsoft azure devops server 2019

Recent Articles

Microsoft Patch Tuesday – May 2019
Symantec Threat Intelligence Blog • Ratheesh PM • 15 May 2021

This month the vendor has patched 79 vulnerabilities, 22 of which are rated Critical.

Posted: 15 May, 201924 Min ReadThreat Intelligence SubscribeFollowtwitterfacebooklinkedinMicrosoft Patch Tuesday – May 2019This month the vendor has patched 79 vulnerabilities, 22 of which are rated Critical.As always, customers are advised to follow these security best practices:


Install vendor patches as soon as they are available.
Run all software with the least privileges required while still maintai...