Cross-site Scripting Vulnerability in Team Foundation Server by Microsoft
CVE-2019-0743
5.4MEDIUM
What is CVE-2019-0743?
A Cross-site Scripting (XSS) vulnerability exists in Microsoft Team Foundation Server due to improper sanitization of user-provided input. Attackers could exploit this vulnerability to execute arbitrary scripts in the context of a user's session, potentially compromising user data or taking unauthorized actions. Proper input validation and sanitization measures are essential to mitigate these risks. For further information, refer to the Microsoft security advisory and additional resources.
Affected Version(s)
Team Foundation Server 2018 Update 3.2