What the vulnerability does
01Description
Azure DevOps Server Spoofing Vulnerability
CVSS base score
7.6/10
CVSS vector
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:L/E:U/RL:O/RC:C
Key dates
02Disclosure timeline
July 9, 2024
CVE published
December 9, 2025
Record updated
External resources
03References
Related vulnerabilities
04Related CVE
CVE-2024-23345 Nautobot has XSS potential in rendered Markdown fields
CVE-2025-11926 Related Posts Lite <= 1.12 - Authenticated (Admin+) Stored Cross-Site Scripting
CVE-2023-29172 WordPress PropertyHive Plugin <= 1.5.46 is vulnerable to Cross Site Scripting (XSS)
CVE-2024-7785 Reflected XSS in Ece Software's Electronic Ticket System
CVE-2025-23837 WordPress One Backend Language Plugin <= 1.0 - Reflected Cross Site Scripting (XSS) vulnerability
