CVE-2023-36869

CWE-79 — Cross-site Scripting (XSS)2 documents2 sources

Severity

6.3MEDIUM

No vector

EPSS

0.2%

top 60.21%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

4

Microsoft Azure Devops Server Microsoft Azure Devops Server 2019.0.1 Microsoft Azure Devops Server 2020.1.2 +1 more

Timeline

PublishedAug 8

Description

Azure DevOps Server Spoofing Vulnerability Azure DevOps Server Spoofing Vulnerability

Affected Packages4 packages

▶CVEListV5microsoft/azure_devops_server1.0.0 — 20230601.1

▶CVEListV5microsoft/azure_devops_server_2019.0.12019.0.0 — 20230721.6

▶CVEListV5microsoft/azure_devops_server_2020.1.22020.1.0 — 20230601.3

▶CVEListV5microsoft/azure_devops_server_2022.0.12022.0.0 — 20230602.5

🔴Vulnerability Details

1

CVEList

Azure DevOps Server Spoofing Vulnerability↗2023-08-08

▶

📋Vendor Advisories

1

Microsoft

Azure DevOps Server Spoofing Vulnerability↗2023-08-08

▶

CVE-2023-36869 (MEDIUM CVSS 6.3) | Azure DevOps Server Spoofing Vulner | cvebase.io