6 matches found
Security Updates for Microsoft Dynamics 365 (on-premises) (April 2023)
The Microsoft Dynamics 365 on-premises is missing security updates. It is, therefore, affected by multiple session spoofing vulnerabilities. An attacker can exploit these to perform actions with the privileges of another user. Note that Nessus has not tested for these issues but has instead relie...
CVE-2023-28309
Microsoft Dynamics 365 on-premises Cross-site Scripting Vulnerability...
CVE-2023-28309
Microsoft Dynamics 365 on-premises Cross-site Scripting Vulnerability...
CVE-2023-28309 Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability
...
CVE-2023-28309
CVE-2023-28309 affects Microsoft Dynamics 365 (on-premises) and is a Cross-site Scripting vulnerability. ENISA/NCSC notes it enables a remote attacker to exploit XSS to execute code in the victim’s browser and potentially access sensitive data; Attack vector is network with user interaction requi...
KLA48838 Multiple vulnerabilities in Microsoft Dynamics
Multiple vulnerabilities were found in Microsoft Dynamics. Malicious users can exploit these vulnerabilities to spoof user interface. Below is a complete list of vulnerabilities: 1. A cross-site-scripting XSS vulnerability Microsoft Dynamics 365 Customer Voice can be exploited remotely to spoof...