Lucene search

CVE-2024-38166

🗓️ 06 Aug 2024 22:54:15Reported by microsoftType

Unauthenticated attacker exploits input neutralization flaw in Microsoft Dynamics 36

AI Insights are available for you today

Leverage the power of AI to quickly understand vulnerabilities, impacts, and exploitability

Reporter	Title	Published	Views	Family All 8
Vulnrichment	CVE-2024-38166 Microsoft Dynamics 365 Cross-site Scripting Vulnerability	6 Aug 202421:38	–	vulnrichment
CNVD	Microsoft Dynamics 365 (on-premises) cross-site scripting vulnerability (CNVD-2024-40538)	9 Aug 202400:00	–	cnvd
Cvelist	CVE-2024-38166 Microsoft Dynamics 365 Cross-site Scripting Vulnerability	6 Aug 202421:38	–	cvelist
NVD	CVE-2024-38166	6 Aug 202422:15	–	nvd
Kaspersky	KLA71413 XSS vulnerability in Microsoft Dynamics	6 Aug 202400:00	–	kaspersky
Microsoft CVE	Microsoft Dynamics 365 Cross-site Scripting Vulnerability	6 Aug 202407:00	–	mscve
Qualys Blog	Microsoft and Adobe Patch Tuesday, August 2024 Security Update Review	13 Aug 202420:31	–	qualysblog
Rapid7 Blog	Patch Tuesday - August 2024	13 Aug 202423:36	–	rapid7blog

Nvd

Node

microsoft dynamics_crm_service_portal_web_resourceMatch-

[
  {
    "vendor": "Microsoft",
    "product": "Dynamics CRM Service Portal Web Resource",
    "platforms": [
      "Unknown"
    ],
    "versions": [
      {
        "version": "N/A",
        "status": "affected"
      }
    ]
  }
]

Source	Link
msrc	www.msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38166

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

06 Aug 2024 22:15Current

6.9Medium risk

Vulners AI Score6.9

CVSS36.1 - 8.2

EPSS0.00558

SSVC

CWE-79