CVE-2020-1327

Summary

A spoofing vulnerability exists in Microsoft Azure DevOps Server when it fails to properly handle web requests, aka 'Azure DevOps Server HTML Injection Vulnerability'.

Affected Software

VendorProductVersion RangeStatus
MicrosoftAzure DevOps Server2019.0.1affected
MicrosoftAzure DevOps Server 2019Update 1affected
MicrosoftAzure DevOps Server 2019 Update 1.1unspecifiedaffected

Weaknesses

  • Spoofing

ADP Enrichment

CVE Program Container

Additional References

References