|MS12-061||Vulnerability in Visual Studio Team Foundation Server Could Allow Elevation of Privilege (2719584)||Microsoft Visual||Important||12-09-2012|
Brief overview of the risk:
The vulnerability could allow elevation of privilege if a user clicks a specially crafted link in an email message or browses to a webpage that is used to exploit the vulnerability.
Detailed Information on the risk:
A reflected XSS vulnerability exists in Visual Studio Team Foundation Server that could allow an attacker to inject a client-side script into the user’s instance of Internet Explorer or any web browser using Team Foundation Server web access. The script could spoof content, disclose information, or take any action that the user could take on the site on behalf of the targeted user.
Further information on this exploit is available at : MS12-061