CVE-2018-8602

Summary

A Cross-site Scripting (XSS) vulnerability exists when Team Foundation Server does not properly sanitize user provided input, aka "Team Foundation Server Cross-site Scripting Vulnerability." This affects Team.

Affected Software

VendorProductVersion RangeStatus
MicrosoftTeamFoundation Server 2017 Update 3.1affected
MicrosoftTeamFoundation Server 2018 Update 1.1affected
MicrosoftTeamFoundation Server 2018 Update 3affected
MicrosoftTeamFoundation Server 2018 Update 3.1affected

Weaknesses

  • Spoofing

ADP Enrichment

CVE Program Container

Additional References

References