Vulnerability Details CVE-2012-1892
Cross-site scripting (XSS) vulnerability in Microsoft Visual Studio Team Foundation Server 2010 SP1 allows remote attackers to inject arbitrary web script or HTML via an unspecified parameter, aka "XSS Vulnerability."
Exploit prediction scoring system (EPSS) score
EPSS Score 0.449
EPSS Ranking 97.5%
CVSS Severity
CVSS v2 Score 4.3
References
- http://secunia.com/advisories/50463
- http://www.securityfocus.com/bid/55409
- http://www.securitytracker.com/id?1027511
- http://www.us-cert.gov/cas/techalerts/TA12-255A.html
- https://docs.microsoft.com/en-us/security-updates/securitybulletins/2012/ms12-061
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15779
- http://secunia.com/advisories/50463
- http://www.securityfocus.com/bid/55409
- http://www.securitytracker.com/id?1027511
- http://www.us-cert.gov/cas/techalerts/TA12-255A.html
- https://docs.microsoft.com/en-us/security-updates/securitybulletins/2012/ms12-061
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15779
Products affected by CVE-2012-1892
-
cpe:2.3:a:microsoft:visual_studio_team_foundation_server:2010