Skip to main content

Dynamics 365

90 CVEs product

Monthly

CVE-2025-62211 HIGH This Month

Improper neutralization of input during web page generation ('cross-site scripting') in Dynamics 365 Field Service (online) allows an authorized attacker to perform spoofing over a network. Rated high severity (CVSS 8.7), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Dynamics 365
NVD
CVSS 3.1
8.7
EPSS
0.1%
CVE-2025-62210 HIGH This Month

Improper neutralization of input during web page generation ('cross-site scripting') in Dynamics 365 Field Service (online) allows an authorized attacker to perform spoofing over a network. Rated high severity (CVSS 8.7), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Dynamics 365
NVD
CVSS 3.1
8.7
EPSS
0.1%
CVE-2025-62206 MEDIUM This Month

Exposure of sensitive information to an unauthorized actor in Microsoft Dynamics 365 (on-premises) allows an unauthorized attacker to disclose information over a network. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Microsoft Dynamics 365
NVD
CVSS 3.1
6.5
EPSS
0.2%
CVE-2025-55238 HIGH This Month

Dynamics 365 FastTrack Implementation Assets Information Disclosure Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Information Disclosure Dynamics 365
NVD
CVSS 3.1
7.5
EPSS
0.1%
CVE-2025-53728 MEDIUM This Month

Exposure of sensitive information to an unauthorized actor in Microsoft Dynamics 365 (on-premises) allows an unauthorized attacker to disclose information over a network. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Microsoft Information Disclosure Dynamics 365
NVD
CVSS 3.1
6.5
EPSS
0.1%
CVE-2025-49745 MEDIUM This Month

Improper neutralization of input during web page generation ('cross-site scripting') in Microsoft Dynamics 365 (on-premises) allows an unauthorized attacker to perform spoofing over a network. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Microsoft XSS Dynamics 365
NVD
CVSS 3.1
5.4
EPSS
0.1%
CVE-2025-49715 HIGH This Week

CVE-2025-49715 is a private personal information disclosure vulnerability in Microsoft Dynamics 365 FastTrack Implementation Assets that allows unauthenticated network-based attackers to access sensitive user data without any user interaction. The vulnerability has a CVSS score of 7.5 (High) with confirmed high confidentiality impact, and affects organizations using Dynamics 365 FastTrack resources. Given the network-accessible nature and lack of authentication requirements, this poses significant risk to enterprise customer data security.

Information Disclosure Microsoft Dynamics 365
NVD
CVSS 3.1
7.5
EPSS
0.3%
CVE-2024-43476 MEDIUM PATCH This Month

Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS Microsoft Dynamics 365
NVD
CVSS 3.1
5.4
EPSS
0.8%
CVE-2024-38211 HIGH PATCH This Week

Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability. Rated high severity (CVSS 8.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Open Redirect vulnerability could allow attackers to redirect users to malicious websites via URL manipulation.

XSS Open Redirect Microsoft Dynamics 365
NVD
CVSS 3.1
8.2
EPSS
0.9%
CVE-2024-38182 CRITICAL Act Now

Weak authentication in Microsoft Dynamics 365 allows an unauthenticated attacker to elevate privileges over a network. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Microsoft Dynamics 365
NVD
CVSS 3.1
9.8
EPSS
0.9%
CVE-2024-30061 HIGH PATCH This Week

Microsoft Dynamics 365 (On-Premises) Information Disclosure Vulnerability. Rated high severity (CVSS 7.3), this vulnerability is remotely exploitable, low attack complexity.

Authentication Bypass Information Disclosure Microsoft Dynamics 365
NVD
CVSS 3.1
7.3
EPSS
1.4%
CVE-2024-35263 MEDIUM PATCH This Month

Microsoft Dynamics 365 (On-Premises) Information Disclosure Vulnerability. Rated medium severity (CVSS 5.7), this vulnerability is remotely exploitable, low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Information Disclosure Microsoft Dynamics 365
NVD
CVSS 3.1
5.7
EPSS
1.7%
CVE-2024-21419 MEDIUM PATCH This Month

Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS Microsoft Dynamics 365
NVD
CVSS 3.1
5.4
EPSS
1.1%
CVE-2024-21396 HIGH PATCH This Week

Dynamics 365 Sales Spoofing Vulnerability. Rated high severity (CVSS 7.6), this vulnerability is remotely exploitable, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS Dynamics 365
NVD
CVSS 3.1
7.6
EPSS
1.2%
CVE-2024-21395 HIGH PATCH This Week

Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability. Rated high severity (CVSS 8.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS Microsoft Dynamics 365
NVD
CVSS 3.1
8.2
EPSS
1.1%
CVE-2024-21394 HIGH PATCH This Week

Dynamics 365 Field Service Spoofing Vulnerability. Rated high severity (CVSS 7.6), this vulnerability is remotely exploitable, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS Dynamics 365
NVD
CVSS 3.1
7.6
EPSS
1.1%
CVE-2024-21393 HIGH PATCH This Week

Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability. Rated high severity (CVSS 7.6), this vulnerability is remotely exploitable, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS Microsoft Dynamics 365
NVD
CVSS 3.1
7.6
EPSS
1.2%
CVE-2024-21389 HIGH PATCH This Week

Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability. Rated high severity (CVSS 7.6), this vulnerability is remotely exploitable, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS Microsoft Dynamics 365
NVD
CVSS 3.1
7.6
EPSS
1.2%
CVE-2024-21328 HIGH PATCH This Week

Dynamics 365 Sales Spoofing Vulnerability. Rated high severity (CVSS 7.6), this vulnerability is remotely exploitable, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS Dynamics 365
NVD
CVSS 3.1
7.6
EPSS
1.3%
CVE-2024-21327 HIGH PATCH This Week

Microsoft Dynamics 365 Customer Engagement Cross-Site Scripting Vulnerability. Rated high severity (CVSS 7.6), this vulnerability is remotely exploitable, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS Microsoft Dynamics 365
NVD
CVSS 3.1
7.6
EPSS
1.3%
CVE-2023-36020 MEDIUM PATCH This Month

Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS Microsoft Dynamics 365
NVD
CVSS 3.1
5.4
EPSS
1.0%
CVE-2023-35621 HIGH PATCH This Week

Microsoft Dynamics 365 Finance and Operations Denial of Service Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Microsoft Dynamics 365
NVD
CVSS 3.1
7.5
EPSS
2.3%
CVE-2023-36410 MEDIUM PATCH This Month

Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS Microsoft Dynamics 365
NVD
CVSS 3.1
5.4
EPSS
0.9%
CVE-2023-36031 MEDIUM PATCH This Month

Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS Microsoft Dynamics 365
NVD
CVSS 3.1
5.4
EPSS
0.9%
CVE-2023-36030 MEDIUM PATCH This Month

Microsoft Dynamics 365 Sales Spoofing Vulnerability. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS Microsoft Dynamics 365
NVD
CVSS 3.1
6.1
EPSS
0.9%
CVE-2023-36016 LOW PATCH Monitor

Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability. Rated low severity (CVSS 3.4), this vulnerability is remotely exploitable, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS Microsoft Dynamics 365
NVD
CVSS 3.1
3.4
EPSS
1.3%
CVE-2023-36433 MEDIUM PATCH This Month

Microsoft Dynamics 365 (On-Premises) Information Disclosure Vulnerability. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.

Information Disclosure Microsoft Dynamics 365
NVD
CVSS 3.1
6.5
EPSS
1.9%
CVE-2023-36429 MEDIUM PATCH This Month

Microsoft Dynamics 365 (On-Premises) Information Disclosure Vulnerability. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.

Information Disclosure Microsoft Dynamics 365
NVD
CVSS 3.1
6.5
EPSS
2.0%
CVE-2023-36416 MEDIUM PATCH This Month

Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS Microsoft Dynamics 365
NVD
CVSS 3.1
6.1
EPSS
0.8%
CVE-2023-38164 MEDIUM PATCH This Month

Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS Microsoft Dynamics 365
NVD
CVSS 3.1
5.4
EPSS
0.9%
CVE-2023-36886 MEDIUM PATCH This Month

Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS Microsoft Dynamics 365
NVD
CVSS 3.1
5.4
EPSS
0.9%
CVE-2023-36800 MEDIUM PATCH This Month

Dynamics Finance and Operations Cross-site Scripting Vulnerability. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS Dynamics 365
NVD
CVSS 3.1
5.4
EPSS
0.7%
CVE-2023-35389 MEDIUM PATCH This Month

Microsoft Dynamics 365 On-Premises Remote Code Execution Vulnerability. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. This XML External Entity (XXE) vulnerability could allow attackers to read arbitrary files or perform SSRF through XML processing.

RCE XXE Microsoft Dynamics 365
NVD
CVSS 3.1
6.5
EPSS
0.7%
CVE-2023-24896 MEDIUM PATCH This Month

Dynamics 365 Finance Spoofing Vulnerability. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS Dynamics 365
NVD
CVSS 3.1
5.4
EPSS
0.7%
CVE-2023-35335 HIGH PATCH This Week

Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability. Rated high severity (CVSS 8.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS Microsoft Dynamics 365
NVD
CVSS 3.1
8.2
EPSS
0.8%
CVE-2023-33171 MEDIUM PATCH This Month

Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS Microsoft Dynamics 365
NVD
CVSS 3.1
6.1
EPSS
0.7%
CVE-2023-28314 MEDIUM PATCH This Month

Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS Microsoft Dynamics 365
NVD
CVSS 3.1
6.1
EPSS
0.7%
CVE-2023-28309 MEDIUM PATCH This Month

Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS Microsoft Dynamics 365
NVD
CVSS 3.1
5.4
EPSS
0.7%
CVE-2023-24922 MEDIUM PATCH This Month

Microsoft Dynamics 365 (On-Premises) Information Disclosure Vulnerability. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.

Information Disclosure Microsoft Dynamics 365
NVD
CVSS 3.1
6.5
EPSS
1.5%
CVE-2023-24921 MEDIUM PATCH This Month

Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS Microsoft Dynamics 365
NVD
CVSS 3.1
5.4
EPSS
0.6%
CVE-2023-24920 MEDIUM PATCH This Month

Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. This Cross-Site Request Forgery (CSRF) vulnerability could allow attackers to trick authenticated users into performing unintended actions.

Microsoft XSS CSRF Dynamics 365
NVD
CVSS 3.1
5.4
EPSS
0.3%
CVE-2023-24919 MEDIUM PATCH This Month

Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS Microsoft Dynamics 365
NVD
CVSS 3.1
5.4
EPSS
0.6%
CVE-2023-24891 MEDIUM PATCH This Month

Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS Microsoft Dynamics 365
NVD
CVSS 3.1
5.4
EPSS
0.6%
CVE-2023-24879 MEDIUM PATCH This Month

Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS Microsoft Dynamics 365
NVD
CVSS 3.1
5.4
EPSS
0.6%
CVE-2023-21778 HIGH PATCH This Week

Microsoft Dynamics Unified Service Desk Remote Code Execution Vulnerability. Rated high severity (CVSS 8.0), this vulnerability is remotely exploitable. This Command Injection vulnerability could allow attackers to inject arbitrary commands into system command execution.

RCE Command Injection Microsoft Dynamics 365
NVD
CVSS 3.1
8.0
EPSS
1.0%
CVE-2023-21807 MEDIUM PATCH This Month

Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS Microsoft Dynamics 365
NVD
CVSS 3.1
6.5
EPSS
0.7%
CVE-2023-21573 MEDIUM PATCH This Month

Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS Microsoft Dynamics 365
NVD
CVSS 3.1
5.4
EPSS
0.6%
CVE-2023-21572 MEDIUM PATCH This Month

Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS Microsoft Dynamics 365
NVD
CVSS 3.1
6.5
EPSS
0.6%
CVE-2023-21571 MEDIUM PATCH This Month

Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS Microsoft Dynamics 365
NVD
CVSS 3.1
5.4
EPSS
0.6%
CVE-2023-21570 MEDIUM PATCH This Month

Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS Microsoft Dynamics 365
NVD
CVSS 3.1
5.4
EPSS
0.6%
CVE-2022-35805 HIGH This Week

Microsoft Dynamics CRM (on-premises) Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Microsoft RCE Dynamics 365
NVD
CVSS 3.1
8.8
EPSS
2.3%
CVE-2022-34700 HIGH This Week

Microsoft Dynamics CRM (on-premises) Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Microsoft SQLi RCE Dynamics 365
NVD
CVSS 3.1
8.8
EPSS
3.1%
CVE-2022-23259 HIGH This Week

Microsoft Dynamics 365 On-Premises Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

RCE Microsoft Dynamics 365
NVD
CVSS 3.1
8.8
EPSS
2.8%
CVE-2021-42316 HIGH PATCH This Week

Microsoft Dynamics 365 On-Premises Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity.

Microsoft RCE Dynamics 365
NVD
CVSS 3.1
8.8
EPSS
2.1%
CVE-2021-41354 MEDIUM PATCH This Month

Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

Microsoft XSS Dynamics 365
NVD
CVSS 3.1
5.4
EPSS
0.9%
CVE-2021-41353 MEDIUM PATCH This Month

Microsoft Dynamics 365 (on-premises) Spoofing Vulnerability. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity.

Microsoft Information Disclosure Dynamics 365
NVD
CVSS 3.1
5.4
EPSS
0.9%
CVE-2021-40457 HIGH PATCH This Week

Microsoft Dynamics 365 Customer Engagement Cross-Site Scripting Vulnerability. Rated high severity (CVSS 7.4), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

Microsoft XSS Dynamics 365
NVD
CVSS 3.1
7.4
EPSS
1.5%
CVE-2021-36950 MEDIUM PATCH This Month

Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

Microsoft XSS Dynamics 365
NVD
CVSS 3.1
5.4
EPSS
0.9%
CVE-2021-34524 HIGH PATCH This Week

Microsoft Dynamics 365 On-Premises Remote Code Execution Vulnerability. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, low attack complexity.

Microsoft RCE Dynamics 365
NVD
CVSS 3.1
8.1
EPSS
3.3%
CVE-2021-28461 MEDIUM PATCH This Month

Dynamics Finance and Operations Cross-site Scripting Vulnerability. Rated medium severity (CVSS 6.1), this vulnerability is low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS Dynamics 365
NVD
CVSS 3.1
6.1
EPSS
1.3%
CVE-2021-24101 MEDIUM PATCH This Month

Microsoft Dataverse Information Disclosure Vulnerability. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.

Microsoft Information Disclosure Dynamics 365
NVD
CVSS 3.1
6.5
EPSS
2.8%
CVE-2020-17158 HIGH PATCH This Week

Microsoft Dynamics 365 for Finance and Operations (on-premises) Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity.

RCE Microsoft Dynamics 365
NVD
CVSS 3.1
8.8
EPSS
2.7%
CVE-2020-17152 HIGH PATCH This Week

Microsoft Dynamics 365 for Finance and Operations (on-premises) Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity.

RCE Microsoft Dynamics 365
NVD
CVSS 3.1
8.8
EPSS
2.7%
CVE-2020-17147 HIGH PATCH This Week

Dynamics CRM Webclient Cross-site Scripting Vulnerability. Rated high severity (CVSS 8.7), this vulnerability is remotely exploitable, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS Dynamics 365
NVD
CVSS 3.1
8.7
EPSS
1.5%
CVE-2020-17021 MEDIUM PATCH This Month

Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS Microsoft Dynamics 365
NVD
CVSS 3.1
5.4
EPSS
1.3%
CVE-2020-17018 MEDIUM PATCH This Month

Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS Microsoft Dynamics 365
NVD
CVSS 3.1
5.4
EPSS
1.3%
CVE-2020-17005 MEDIUM PATCH This Month

Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS Microsoft Dynamics 365
NVD
CVSS 3.1
5.4
EPSS
1.3%
CVE-2020-16978 MEDIUM PATCH This Month

<p>A cross site scripting vulnerability exists when Microsoft Dynamics 365 (on-premises) does not properly sanitize a specially crafted web request to an affected Dynamics server. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS Microsoft Dynamics 365
NVD
CVSS 3.1
5.4
EPSS
1.4%
CVE-2020-16956 MEDIUM PATCH This Month

<p>A cross site scripting vulnerability exists when Microsoft Dynamics 365 (on-premises) does not properly sanitize a specially crafted web request to an affected Dynamics server. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS Microsoft Dynamics 365
NVD
CVSS 3.1
5.4
EPSS
1.4%
CVE-2020-16943 MEDIUM PATCH This Month

<p>An elevation of privilege vulnerability exists in Microsoft Dynamics 365 Commerce. Rated medium severity (CVSS 6.5), this vulnerability is no authentication required, low attack complexity.

Microsoft Information Disclosure Dynamics 365
NVD
CVSS 3.1
6.5
EPSS
1.1%
CVE-2020-16878 MEDIUM PATCH This Month

<p>A cross site scripting vulnerability exists when Microsoft Dynamics 365 (on-premises) does not properly sanitize a specially crafted web request to an affected Dynamics server. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS Microsoft Dynamics 365
NVD
CVSS 3.1
5.4
EPSS
1.6%
CVE-2020-16872 HIGH PATCH This Week

<p>A cross site scripting vulnerability exists when Microsoft Dynamics 365 (on-premises) does not properly sanitize a specially crafted web request to an affected Dynamics server. Rated high severity (CVSS 7.6), this vulnerability is remotely exploitable, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS Microsoft Dynamics 365
NVD
CVSS 3.1
7.6
EPSS
1.8%
CVE-2020-16871 MEDIUM PATCH This Month

<p>A cross site scripting vulnerability exists when Microsoft Dynamics 365 (on-premises) does not properly sanitize a specially crafted web request to an affected Dynamics server. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS Microsoft Dynamics 365
NVD
CVSS 3.1
5.4
EPSS
1.6%
CVE-2020-16864 MEDIUM PATCH This Month

<p>A cross site scripting vulnerability exists when Microsoft Dynamics 365 (on-premises) does not properly sanitize a specially crafted web request to an affected Dynamics server. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS Microsoft Dynamics 365
NVD
CVSS 3.1
5.4
EPSS
1.6%
CVE-2020-16862 HIGH PATCH This Week

<p>A remote code execution vulnerability exists in Microsoft Dynamics 365 (on-premises) when the server fails to properly sanitize web requests to an affected Dynamics server. Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable.

RCE Microsoft Dynamics 365
NVD
CVSS 3.1
7.1
EPSS
3.4%
CVE-2020-16861 MEDIUM PATCH This Month

<p>A cross site scripting vulnerability exists when Microsoft Dynamics 365 (on-premises) does not properly sanitize a specially crafted web request to an affected Dynamics server. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS Microsoft Dynamics 365
NVD
CVSS 3.1
5.4
EPSS
1.6%
CVE-2020-16860 MEDIUM PATCH This Month

<p>A remote code execution vulnerability exists in Microsoft Dynamics 365 (on-premises) when the server fails to properly sanitize web requests to an affected Dynamics server. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable.

RCE Microsoft Dynamics 365
NVD
CVSS 3.1
6.8
EPSS
2.7%
CVE-2020-16859 MEDIUM PATCH This Month

<p>A cross site scripting vulnerability exists when Microsoft Dynamics 365 (on-premises) does not properly sanitize a specially crafted web request to an affected Dynamics server. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS Microsoft Dynamics 365
NVD
CVSS 3.1
5.4
EPSS
1.6%
CVE-2020-16858 MEDIUM PATCH This Month

<p>A cross site scripting vulnerability exists when Microsoft Dynamics 365 (on-premises) does not properly sanitize a specially crafted web request to an affected Dynamics server. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS Microsoft Dynamics 365
NVD
CVSS 3.1
5.4
EPSS
1.6%
CVE-2020-1591 MEDIUM PATCH This Month

A cross site scripting vulnerability exists when Microsoft Dynamics 365 (on-premises) does not properly sanitize a specially crafted web request to an affected Dynamics server. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS Microsoft Dynamics 365
NVD
CVSS 3.1
5.4
EPSS
1.5%
CVE-2020-1063 MEDIUM PATCH This Month

A cross site scripting vulnerability exists when Microsoft Dynamics 365 (on-premises) does not properly sanitize a specially crafted web request to an affected Dynamics server, aka 'Microsoft. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS Microsoft Dynamics 365
NVD
CVSS 3.1
5.4
EPSS
1.4%
CVE-2020-0656 MEDIUM PATCH This Month

A cross site scripting vulnerability exists when Microsoft Dynamics 365 (on-premises) does not properly sanitize a specially crafted web request to an affected Dynamics server, aka 'Microsoft. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS Microsoft Dynamics 365
NVD
CVSS 3.1
5.4
EPSS
1.5%
CVE-2019-1375 MEDIUM PATCH This Month

A cross site scripting vulnerability exists when Microsoft Dynamics 365 (on-premises) does not properly sanitize a specially crafted web request to an affected Dynamics server, aka 'Microsoft. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS Microsoft Dynamics 365
NVD
CVSS 3.1
5.4
EPSS
1.5%
CVE-2019-1229 HIGH PATCH This Week

An elevation of privilege vulnerability exists in Dynamics On-Premise v9. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity.

Information Disclosure Dynamics 365
NVD
CVSS 3.0
8.8
EPSS
3.5%
CVE-2019-1008 MEDIUM PATCH This Month

A security feature bypass vulnerability exists in Dynamics On Premise, aka 'Microsoft Dynamics On-Premise Security Feature Bypass'. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required.

Authentication Bypass Microsoft Dynamics 365 Dynamics Crm 2015
NVD
CVSS 3.0
5.9
EPSS
2.8%
CVE-2018-8609 HIGH PATCH This Week

A remote code execution vulnerability exists in Microsoft Dynamics 365 (on-premises) version 8 when the server fails to properly sanitize web requests to an affected Dynamics server, aka "Microsoft. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity.

Microsoft RCE Dynamics 365
NVD
CVSS 3.0
8.8
EPSS
8.7%
CVE-2018-8608 MEDIUM PATCH This Month

A cross site scripting vulnerability exists when Microsoft Dynamics 365 (on-premises) version 8 does not properly sanitize a specially crafted web request to an affected Dynamics server, aka. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

Microsoft XSS Dynamics 365
NVD
CVSS 3.0
5.4
EPSS
1.4%
CVE-2018-8607 MEDIUM PATCH This Month

A cross site scripting vulnerability exists when Microsoft Dynamics 365 (on-premises) version 8 does not properly sanitize a specially crafted web request to an affected Dynamics server, aka. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

Microsoft XSS Dynamics 365
NVD
CVSS 3.0
5.4
EPSS
1.4%
CVE-2018-8606 MEDIUM PATCH This Month

A cross site scripting vulnerability exists when Microsoft Dynamics 365 (on-premises) version 8 does not properly sanitize a specially crafted web request to an affected Dynamics server, aka. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

Microsoft XSS Dynamics 365
NVD
CVSS 3.0
5.4
EPSS
1.4%
CVE-2018-8605 MEDIUM PATCH This Month

A cross site scripting vulnerability exists when Microsoft Dynamics 365 (on-premises) version 8 does not properly sanitize a specially crafted web request to an affected Dynamics server, aka. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

Microsoft XSS Dynamics 365
NVD
CVSS 3.0
5.4
EPSS
1.4%
EPSS 0% CVSS 8.7
HIGH This Month

Improper neutralization of input during web page generation ('cross-site scripting') in Dynamics 365 Field Service (online) allows an authorized attacker to perform spoofing over a network. Rated high severity (CVSS 8.7), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Dynamics 365
NVD
EPSS 0% CVSS 8.7
HIGH This Month

Improper neutralization of input during web page generation ('cross-site scripting') in Dynamics 365 Field Service (online) allows an authorized attacker to perform spoofing over a network. Rated high severity (CVSS 8.7), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XSS Dynamics 365
NVD
EPSS 0% CVSS 6.5
MEDIUM This Month

Exposure of sensitive information to an unauthorized actor in Microsoft Dynamics 365 (on-premises) allows an unauthorized attacker to disclose information over a network. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Microsoft Dynamics 365
NVD
EPSS 0% CVSS 7.5
HIGH This Month

Dynamics 365 FastTrack Implementation Assets Information Disclosure Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Authentication Bypass Information Disclosure Dynamics 365
NVD
EPSS 0% CVSS 6.5
MEDIUM This Month

Exposure of sensitive information to an unauthorized actor in Microsoft Dynamics 365 (on-premises) allows an unauthorized attacker to disclose information over a network. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Microsoft Information Disclosure Dynamics 365
NVD
EPSS 0% CVSS 5.4
MEDIUM This Month

Improper neutralization of input during web page generation ('cross-site scripting') in Microsoft Dynamics 365 (on-premises) allows an unauthorized attacker to perform spoofing over a network. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Microsoft XSS Dynamics 365
NVD
EPSS 0% CVSS 7.5
HIGH This Week

CVE-2025-49715 is a private personal information disclosure vulnerability in Microsoft Dynamics 365 FastTrack Implementation Assets that allows unauthenticated network-based attackers to access sensitive user data without any user interaction. The vulnerability has a CVSS score of 7.5 (High) with confirmed high confidentiality impact, and affects organizations using Dynamics 365 FastTrack resources. Given the network-accessible nature and lack of authentication requirements, this poses significant risk to enterprise customer data security.

Information Disclosure Microsoft Dynamics 365
NVD
EPSS 1% CVSS 5.4
MEDIUM PATCH This Month

Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS Microsoft Dynamics 365
NVD
EPSS 1% CVSS 8.2
HIGH PATCH This Week

Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability. Rated high severity (CVSS 8.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Open Redirect vulnerability could allow attackers to redirect users to malicious websites via URL manipulation.

XSS Open Redirect Microsoft +1
NVD
EPSS 1% CVSS 9.8
CRITICAL Act Now

Weak authentication in Microsoft Dynamics 365 allows an unauthenticated attacker to elevate privileges over a network. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Microsoft Dynamics 365
NVD
EPSS 1% CVSS 7.3
HIGH PATCH This Week

Microsoft Dynamics 365 (On-Premises) Information Disclosure Vulnerability. Rated high severity (CVSS 7.3), this vulnerability is remotely exploitable, low attack complexity.

Authentication Bypass Information Disclosure Microsoft +1
NVD
EPSS 2% CVSS 5.7
MEDIUM PATCH This Month

Microsoft Dynamics 365 (On-Premises) Information Disclosure Vulnerability. Rated medium severity (CVSS 5.7), this vulnerability is remotely exploitable, low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Information Disclosure Microsoft Dynamics 365
NVD
EPSS 1% CVSS 5.4
MEDIUM PATCH This Month

Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS Microsoft Dynamics 365
NVD
EPSS 1% CVSS 7.6
HIGH PATCH This Week

Dynamics 365 Sales Spoofing Vulnerability. Rated high severity (CVSS 7.6), this vulnerability is remotely exploitable, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS Dynamics 365
NVD
EPSS 1% CVSS 8.2
HIGH PATCH This Week

Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability. Rated high severity (CVSS 8.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS Microsoft Dynamics 365
NVD
EPSS 1% CVSS 7.6
HIGH PATCH This Week

Dynamics 365 Field Service Spoofing Vulnerability. Rated high severity (CVSS 7.6), this vulnerability is remotely exploitable, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS Dynamics 365
NVD
EPSS 1% CVSS 7.6
HIGH PATCH This Week

Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability. Rated high severity (CVSS 7.6), this vulnerability is remotely exploitable, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS Microsoft Dynamics 365
NVD
EPSS 1% CVSS 7.6
HIGH PATCH This Week

Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability. Rated high severity (CVSS 7.6), this vulnerability is remotely exploitable, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS Microsoft Dynamics 365
NVD
EPSS 1% CVSS 7.6
HIGH PATCH This Week

Dynamics 365 Sales Spoofing Vulnerability. Rated high severity (CVSS 7.6), this vulnerability is remotely exploitable, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS Dynamics 365
NVD
EPSS 1% CVSS 7.6
HIGH PATCH This Week

Microsoft Dynamics 365 Customer Engagement Cross-Site Scripting Vulnerability. Rated high severity (CVSS 7.6), this vulnerability is remotely exploitable, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS Microsoft Dynamics 365
NVD
EPSS 1% CVSS 5.4
MEDIUM PATCH This Month

Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS Microsoft Dynamics 365
NVD
EPSS 2% CVSS 7.5
HIGH PATCH This Week

Microsoft Dynamics 365 Finance and Operations Denial of Service Vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Denial Of Service Microsoft Dynamics 365
NVD
EPSS 1% CVSS 5.4
MEDIUM PATCH This Month

Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS Microsoft Dynamics 365
NVD
EPSS 1% CVSS 5.4
MEDIUM PATCH This Month

Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS Microsoft Dynamics 365
NVD
EPSS 1% CVSS 6.1
MEDIUM PATCH This Month

Microsoft Dynamics 365 Sales Spoofing Vulnerability. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS Microsoft Dynamics 365
NVD
EPSS 1% CVSS 3.4
LOW PATCH Monitor

Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability. Rated low severity (CVSS 3.4), this vulnerability is remotely exploitable, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS Microsoft Dynamics 365
NVD
EPSS 2% CVSS 6.5
MEDIUM PATCH This Month

Microsoft Dynamics 365 (On-Premises) Information Disclosure Vulnerability. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.

Information Disclosure Microsoft Dynamics 365
NVD
EPSS 2% CVSS 6.5
MEDIUM PATCH This Month

Microsoft Dynamics 365 (On-Premises) Information Disclosure Vulnerability. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.

Information Disclosure Microsoft Dynamics 365
NVD
EPSS 1% CVSS 6.1
MEDIUM PATCH This Month

Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS Microsoft Dynamics 365
NVD
EPSS 1% CVSS 5.4
MEDIUM PATCH This Month

Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS Microsoft Dynamics 365
NVD
EPSS 1% CVSS 5.4
MEDIUM PATCH This Month

Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS Microsoft Dynamics 365
NVD
EPSS 1% CVSS 5.4
MEDIUM PATCH This Month

Dynamics Finance and Operations Cross-site Scripting Vulnerability. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS Dynamics 365
NVD
EPSS 1% CVSS 6.5
MEDIUM PATCH This Month

Microsoft Dynamics 365 On-Premises Remote Code Execution Vulnerability. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. This XML External Entity (XXE) vulnerability could allow attackers to read arbitrary files or perform SSRF through XML processing.

RCE XXE Microsoft +1
NVD
EPSS 1% CVSS 5.4
MEDIUM PATCH This Month

Dynamics 365 Finance Spoofing Vulnerability. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS Dynamics 365
NVD
EPSS 1% CVSS 8.2
HIGH PATCH This Week

Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability. Rated high severity (CVSS 8.2), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS Microsoft Dynamics 365
NVD
EPSS 1% CVSS 6.1
MEDIUM PATCH This Month

Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS Microsoft Dynamics 365
NVD
EPSS 1% CVSS 6.1
MEDIUM PATCH This Month

Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS Microsoft Dynamics 365
NVD
EPSS 1% CVSS 5.4
MEDIUM PATCH This Month

Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS Microsoft Dynamics 365
NVD
EPSS 1% CVSS 6.5
MEDIUM PATCH This Month

Microsoft Dynamics 365 (On-Premises) Information Disclosure Vulnerability. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.

Information Disclosure Microsoft Dynamics 365
NVD
EPSS 1% CVSS 5.4
MEDIUM PATCH This Month

Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS Microsoft Dynamics 365
NVD
EPSS 0% CVSS 5.4
MEDIUM PATCH This Month

Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. This Cross-Site Request Forgery (CSRF) vulnerability could allow attackers to trick authenticated users into performing unintended actions.

Microsoft XSS CSRF +1
NVD
EPSS 1% CVSS 5.4
MEDIUM PATCH This Month

Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS Microsoft Dynamics 365
NVD
EPSS 1% CVSS 5.4
MEDIUM PATCH This Month

Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS Microsoft Dynamics 365
NVD
EPSS 1% CVSS 5.4
MEDIUM PATCH This Month

Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS Microsoft Dynamics 365
NVD
EPSS 1% CVSS 8.0
HIGH PATCH This Week

Microsoft Dynamics Unified Service Desk Remote Code Execution Vulnerability. Rated high severity (CVSS 8.0), this vulnerability is remotely exploitable. This Command Injection vulnerability could allow attackers to inject arbitrary commands into system command execution.

RCE Command Injection Microsoft +1
NVD
EPSS 1% CVSS 6.5
MEDIUM PATCH This Month

Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS Microsoft Dynamics 365
NVD
EPSS 1% CVSS 5.4
MEDIUM PATCH This Month

Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS Microsoft Dynamics 365
NVD
EPSS 1% CVSS 6.5
MEDIUM PATCH This Month

Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS Microsoft Dynamics 365
NVD
EPSS 1% CVSS 5.4
MEDIUM PATCH This Month

Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS Microsoft Dynamics 365
NVD
EPSS 1% CVSS 5.4
MEDIUM PATCH This Month

Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS Microsoft Dynamics 365
NVD
EPSS 2% CVSS 8.8
HIGH This Week

Microsoft Dynamics CRM (on-premises) Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Microsoft RCE Dynamics 365
NVD
EPSS 3% CVSS 8.8
HIGH This Week

Microsoft Dynamics CRM (on-premises) Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Microsoft SQLi RCE +1
NVD
EPSS 3% CVSS 8.8
HIGH This Week

Microsoft Dynamics 365 On-Premises Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

RCE Microsoft Dynamics 365
NVD
EPSS 2% CVSS 8.8
HIGH PATCH This Week

Microsoft Dynamics 365 On-Premises Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity.

Microsoft RCE Dynamics 365
NVD
EPSS 1% CVSS 5.4
MEDIUM PATCH This Month

Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

Microsoft XSS Dynamics 365
NVD
EPSS 1% CVSS 5.4
MEDIUM PATCH This Month

Microsoft Dynamics 365 (on-premises) Spoofing Vulnerability. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity.

Microsoft Information Disclosure Dynamics 365
NVD
EPSS 2% CVSS 7.4
HIGH PATCH This Week

Microsoft Dynamics 365 Customer Engagement Cross-Site Scripting Vulnerability. Rated high severity (CVSS 7.4), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

Microsoft XSS Dynamics 365
NVD
EPSS 1% CVSS 5.4
MEDIUM PATCH This Month

Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

Microsoft XSS Dynamics 365
NVD
EPSS 3% CVSS 8.1
HIGH PATCH This Week

Microsoft Dynamics 365 On-Premises Remote Code Execution Vulnerability. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, low attack complexity.

Microsoft RCE Dynamics 365
NVD
EPSS 1% CVSS 6.1
MEDIUM PATCH This Month

Dynamics Finance and Operations Cross-site Scripting Vulnerability. Rated medium severity (CVSS 6.1), this vulnerability is low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS Dynamics 365
NVD
EPSS 3% CVSS 6.5
MEDIUM PATCH This Month

Microsoft Dataverse Information Disclosure Vulnerability. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.

Microsoft Information Disclosure Dynamics 365
NVD
EPSS 3% CVSS 8.8
HIGH PATCH This Week

Microsoft Dynamics 365 for Finance and Operations (on-premises) Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity.

RCE Microsoft Dynamics 365
NVD
EPSS 3% CVSS 8.8
HIGH PATCH This Week

Microsoft Dynamics 365 for Finance and Operations (on-premises) Remote Code Execution Vulnerability. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity.

RCE Microsoft Dynamics 365
NVD
EPSS 1% CVSS 8.7
HIGH PATCH This Week

Dynamics CRM Webclient Cross-site Scripting Vulnerability. Rated high severity (CVSS 8.7), this vulnerability is remotely exploitable, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS Dynamics 365
NVD
EPSS 1% CVSS 5.4
MEDIUM PATCH This Month

Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS Microsoft Dynamics 365
NVD
EPSS 1% CVSS 5.4
MEDIUM PATCH This Month

Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS Microsoft Dynamics 365
NVD
EPSS 1% CVSS 5.4
MEDIUM PATCH This Month

Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS Microsoft Dynamics 365
NVD
EPSS 1% CVSS 5.4
MEDIUM PATCH This Month

<p>A cross site scripting vulnerability exists when Microsoft Dynamics 365 (on-premises) does not properly sanitize a specially crafted web request to an affected Dynamics server. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS Microsoft Dynamics 365
NVD
EPSS 1% CVSS 5.4
MEDIUM PATCH This Month

<p>A cross site scripting vulnerability exists when Microsoft Dynamics 365 (on-premises) does not properly sanitize a specially crafted web request to an affected Dynamics server. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS Microsoft Dynamics 365
NVD
EPSS 1% CVSS 6.5
MEDIUM PATCH This Month

<p>An elevation of privilege vulnerability exists in Microsoft Dynamics 365 Commerce. Rated medium severity (CVSS 6.5), this vulnerability is no authentication required, low attack complexity.

Microsoft Information Disclosure Dynamics 365
NVD
EPSS 2% CVSS 5.4
MEDIUM PATCH This Month

<p>A cross site scripting vulnerability exists when Microsoft Dynamics 365 (on-premises) does not properly sanitize a specially crafted web request to an affected Dynamics server. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS Microsoft Dynamics 365
NVD
EPSS 2% CVSS 7.6
HIGH PATCH This Week

<p>A cross site scripting vulnerability exists when Microsoft Dynamics 365 (on-premises) does not properly sanitize a specially crafted web request to an affected Dynamics server. Rated high severity (CVSS 7.6), this vulnerability is remotely exploitable, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS Microsoft Dynamics 365
NVD
EPSS 2% CVSS 5.4
MEDIUM PATCH This Month

<p>A cross site scripting vulnerability exists when Microsoft Dynamics 365 (on-premises) does not properly sanitize a specially crafted web request to an affected Dynamics server. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS Microsoft Dynamics 365
NVD
EPSS 2% CVSS 5.4
MEDIUM PATCH This Month

<p>A cross site scripting vulnerability exists when Microsoft Dynamics 365 (on-premises) does not properly sanitize a specially crafted web request to an affected Dynamics server. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS Microsoft Dynamics 365
NVD
EPSS 3% CVSS 7.1
HIGH PATCH This Week

<p>A remote code execution vulnerability exists in Microsoft Dynamics 365 (on-premises) when the server fails to properly sanitize web requests to an affected Dynamics server. Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable.

RCE Microsoft Dynamics 365
NVD
EPSS 2% CVSS 5.4
MEDIUM PATCH This Month

<p>A cross site scripting vulnerability exists when Microsoft Dynamics 365 (on-premises) does not properly sanitize a specially crafted web request to an affected Dynamics server. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS Microsoft Dynamics 365
NVD
EPSS 3% CVSS 6.8
MEDIUM PATCH This Month

<p>A remote code execution vulnerability exists in Microsoft Dynamics 365 (on-premises) when the server fails to properly sanitize web requests to an affected Dynamics server. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable.

RCE Microsoft Dynamics 365
NVD
EPSS 2% CVSS 5.4
MEDIUM PATCH This Month

<p>A cross site scripting vulnerability exists when Microsoft Dynamics 365 (on-premises) does not properly sanitize a specially crafted web request to an affected Dynamics server. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS Microsoft Dynamics 365
NVD
EPSS 2% CVSS 5.4
MEDIUM PATCH This Month

<p>A cross site scripting vulnerability exists when Microsoft Dynamics 365 (on-premises) does not properly sanitize a specially crafted web request to an affected Dynamics server. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS Microsoft Dynamics 365
NVD
EPSS 2% CVSS 5.4
MEDIUM PATCH This Month

A cross site scripting vulnerability exists when Microsoft Dynamics 365 (on-premises) does not properly sanitize a specially crafted web request to an affected Dynamics server. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS Microsoft Dynamics 365
NVD
EPSS 1% CVSS 5.4
MEDIUM PATCH This Month

A cross site scripting vulnerability exists when Microsoft Dynamics 365 (on-premises) does not properly sanitize a specially crafted web request to an affected Dynamics server, aka 'Microsoft. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS Microsoft Dynamics 365
NVD
EPSS 1% CVSS 5.4
MEDIUM PATCH This Month

A cross site scripting vulnerability exists when Microsoft Dynamics 365 (on-premises) does not properly sanitize a specially crafted web request to an affected Dynamics server, aka 'Microsoft. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS Microsoft Dynamics 365
NVD
EPSS 1% CVSS 5.4
MEDIUM PATCH This Month

A cross site scripting vulnerability exists when Microsoft Dynamics 365 (on-premises) does not properly sanitize a specially crafted web request to an affected Dynamics server, aka 'Microsoft. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS Microsoft Dynamics 365
NVD
EPSS 3% CVSS 8.8
HIGH PATCH This Week

An elevation of privilege vulnerability exists in Dynamics On-Premise v9. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity.

Information Disclosure Dynamics 365
NVD
EPSS 3% CVSS 5.9
MEDIUM PATCH This Month

A security feature bypass vulnerability exists in Dynamics On Premise, aka 'Microsoft Dynamics On-Premise Security Feature Bypass'. Rated medium severity (CVSS 5.9), this vulnerability is remotely exploitable, no authentication required.

Authentication Bypass Microsoft Dynamics 365 +1
NVD
EPSS 9% CVSS 8.8
HIGH PATCH This Week

A remote code execution vulnerability exists in Microsoft Dynamics 365 (on-premises) version 8 when the server fails to properly sanitize web requests to an affected Dynamics server, aka "Microsoft. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity.

Microsoft RCE Dynamics 365
NVD
EPSS 1% CVSS 5.4
MEDIUM PATCH This Month

A cross site scripting vulnerability exists when Microsoft Dynamics 365 (on-premises) version 8 does not properly sanitize a specially crafted web request to an affected Dynamics server, aka. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

Microsoft XSS Dynamics 365
NVD
EPSS 1% CVSS 5.4
MEDIUM PATCH This Month

A cross site scripting vulnerability exists when Microsoft Dynamics 365 (on-premises) version 8 does not properly sanitize a specially crafted web request to an affected Dynamics server, aka. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

Microsoft XSS Dynamics 365
NVD
EPSS 1% CVSS 5.4
MEDIUM PATCH This Month

A cross site scripting vulnerability exists when Microsoft Dynamics 365 (on-premises) version 8 does not properly sanitize a specially crafted web request to an affected Dynamics server, aka. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

Microsoft XSS Dynamics 365
NVD
EPSS 1% CVSS 5.4
MEDIUM PATCH This Month

A cross site scripting vulnerability exists when Microsoft Dynamics 365 (on-premises) version 8 does not properly sanitize a specially crafted web request to an affected Dynamics server, aka. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

Microsoft XSS Dynamics 365
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy