Medium severity5.4NVD Advisory· Published May 16, 2019· Updated Jun 17, 2026
CVE-2019-0872
CVE-2019-0872
Description
A Cross-site Scripting (XSS) vulnerability exists when Azure DevOps Server and Team Foundation Server do not properly sanitize user provided input, aka 'Azure DevOps Server and Team Foundation Server Cross-site Scripting Vulnerability'. This CVE ID is unique from CVE-2019-0979.
Affected products
6(expand)+ 3 more
- (no CPE)
- (no CPE)range: 2017 Update 3.1
- (no CPE)range: Update 4.2
- (no CPE)range: Update 1.2
- Range: 2019
Patches
Vulnerability mechanics
References
1- portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0872nvdPatchVendor Advisory
News mentions
0No linked articles in our index yet.