Medium severity6.1NVD Advisory· Published Apr 9, 2019· Updated Jun 17, 2026
CVE-2019-0870
CVE-2019-0870
Description
A Cross-site Scripting (XSS) vulnerability exists when Azure DevOps Server and Team Foundation Server do not properly sanitize user provided input, aka 'Azure DevOps Server and Team Foundation Server Cross-site Scripting Vulnerability'. This CVE ID is unique from CVE-2019-0866, CVE-2019-0867, CVE-2019-0868, CVE-2019-0871.
Affected products
5(expand)+ 2 more
- (no CPE)
- (no CPE)range: 2017 Update 3.1
- (no CPE)range: Update 1.2
- Range: 2019
Patches
Vulnerability mechanics
References
2- portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0870nvdPatchVendor Advisory
- www.securityfocus.com/bid/107754nvdThird Party AdvisoryVDB Entry
News mentions
0No linked articles in our index yet.