CVE-2019-0869: XSS
First published: Tue Apr 09 2019(Updated: )
A spoofing vulnerability exists in Microsoft Azure DevOps Server when it fails to properly handle web requests, aka 'Azure DevOps Server HTML Injection Vulnerability'.
Credit: secure@microsoft.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Microsoft Azure DevOps Server | =2019 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the vulnerability ID of the Azure DevOps Server vulnerability?
The vulnerability ID is CVE-2019-0869.
What is the severity rating of CVE-2019-0869?
The severity rating of CVE-2019-0869 is medium with a CVSS score of 6.1.
What is the affected software of CVE-2019-0869?
The affected software is Microsoft Azure DevOps Server 2019.
What is the description of CVE-2019-0869?
CVE-2019-0869 is a spoofing vulnerability in Microsoft Azure DevOps Server that allows malicious actors to make requests that can result in HTML injection.
Are there any references for CVE-2019-0869?
Yes, you can find references for CVE-2019-0869 at the following links: [SecurityFocus](http://www.securityfocus.com/bid/107768) and [Microsoft Security Guidance Advisory](https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0869).
- collector/nvd-index
- agent/weakness
- agent/references
- agent/severity
- agent/author
- agent/description
- agent/event
- agent/type
- agent/last-modified-date
- agent/remedy
- agent/softwarecombine
- agent/first-publish-date
- agent/tags
- collector/mitre-cve
- source/MITRE
- vendor/microsoft
- canonical/microsoft azure devops server
- version/microsoft azure devops server/2019