Product:

Azure_devops_server

(Microsoft)
Repositories

Unknown:

This might be proprietary software.
#Vulnerabilities 38
Date Id Summary Products Score Patch Annotated
2019-06-12 CVE-2019-0996 A spoofing vulnerability exists in Azure DevOps Server when it improperly handles requests to authorize applications, resulting in a cross-site request forgery. An attacker who successfully exploited this vulnerability could bypass OAuth protections and register an application on behalf of the targeted user. To exploit this vulnerability, an attacker would need to create a page specifically designed to cause a cross-site request. The attacker would then need to convince a targeted user to... Azure_devops_server 6.5
2020-06-09 CVE-2020-1327 A spoofing vulnerability exists in Microsoft Azure DevOps Server when it fails to properly handle web requests, aka 'Azure DevOps Server HTML Injection Vulnerability'. Azure_devops_server 6.1
2020-07-14 CVE-2020-1326 A Cross-site Scripting (XSS) vulnerability exists when Azure DevOps Server does not properly sanitize user provided input, aka 'Azure DevOps Server Cross-site Scripting Vulnerability'. Azure_devops_server 5.4
2020-11-11 CVE-2020-1325 Azure DevOps Server and Team Foundation Services Spoofing Vulnerability Azure_devops_server N/A
2020-12-10 CVE-2020-17135 Azure DevOps Server Spoofing Vulnerability Azure_devops_server N/A
2020-12-10 CVE-2020-17145 Azure DevOps Server and Team Foundation Services Spoofing Vulnerability Azure_devops_server, Team_foundation_server N/A
2021-04-13 CVE-2021-27067 Azure DevOps Server and Team Foundation Server Information Disclosure Vulnerability Azure_devops_server, Team_foundation_server N/A
2021-04-13 CVE-2021-28459 Azure DevOps Server Spoofing Vulnerability Azure_devops_server N/A
2023-02-14 CVE-2023-21564 Azure DevOps Server Cross-Site Scripting Vulnerability Azure_devops_server N/A
2023-02-14 CVE-2023-21553 Azure DevOps Server Remote Code Execution Vulnerability Azure_devops_server N/A