CVE-2023-21565

CWE-79 — Cross-site Scripting (XSS)2 documents2 sources

Severity

7.1HIGH

No vector

EPSS

1.8%

top 17.02%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

3

Microsoft Azure Devops Server 2020.1.2 Microsoft Azure Devops Server 2022 Microsoft Azure Devops Server 2022.0.1

Timeline

PublishedJun 13

Description

Azure DevOps Server Spoofing Vulnerability Azure DevOps Server Spoofing Vulnerability

Affected Packages3 packages

▶CVEListV5microsoft/azure_devops_server_202220230131.0 — 20230602.4

▶CVEListV5microsoft/azure_devops_server_2020.1.22020.1.0 — 20230601.3

▶CVEListV5microsoft/azure_devops_server_2022.0.12022.0.0 — 20230602.5

🔴Vulnerability Details

1

CVEList

Azure DevOps Server Spoofing Vulnerability↗2023-06-13

▶

📋Vendor Advisories

1

Microsoft

Azure DevOps Server Spoofing Vulnerability↗2023-06-13

▶

CVE-2023-21565 (HIGH CVSS 7.1) | Azure DevOps Server Spoofing Vulner | cvebase.io