CVE-2012-1892

Опубликовано: 11 сент. 2012

Источник: nvd

CVSS2: 4.3

EPSS Средний

Описание

Cross-site scripting (XSS) vulnerability in Microsoft Visual Studio Team Foundation Server 2010 SP1 allows remote attackers to inject arbitrary web script or HTML via an unspecified parameter, aka "XSS Vulnerability."

Ссылки

http://secunia.com/advisories/50463
http://www.securityfocus.com/bid/55409
http://www.securitytracker.com/id?1027511
http://www.us-cert.gov/cas/techalerts/TA12-255A.html
US Government Resource
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2012/ms12-061
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15779
http://secunia.com/advisories/50463
http://www.securityfocus.com/bid/55409
http://www.securitytracker.com/id?1027511
http://www.us-cert.gov/cas/techalerts/TA12-255A.html
US Government Resource
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2012/ms12-061
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15779

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:microsoft:visual_studio_team_foundation_server:2010:sp1:*:*:*:*:*:*

EPSS

Процентиль: 97%

0.44933

Средний

4.3 Medium

CVSS2

Дефекты

CWE-79

Связанные уязвимости

GHSA-7q5p-6568-pm3p

github

больше 3 лет назад