5 matches found
CVE-2022-41127
CVE-2022-41127 affects Microsoft Dynamics NAV and Microsoft Dynamics 365 Business Central On‑Premises. Descriptions in connected docs confirm a remote code execution vulnerability and that Microsoft released updates to fix it (e.g., Update 16.19 for BC 2020 Wave 1, Update 17.17 for BC 2020 Wave 2...
CVE-2021-34474
CVE-2021-34474 is a remote code execution vulnerability in Microsoft Dynamics 365 Business Central. Public data shows exploitable via network with no user interaction; impact is high (C/C/I/A) and the attack requires high privileges (per CVSS 3.1 vector). The issue affects Dynamics 365 Business C...
CVE-2021-36946
CVE-2021-36946 is a Cross-site Scripting (XSS) vulnerability in Microsoft Dynamics Business Central (and related NAV products in linked updates). The connected docs confirm the issue, with references to Microsoft Dynamics BC NAV exposure and multiple security updates in 2021 that address the XSS ...
CVE-2021-40440
CVE-2021-40440 is a cross-site scripting (XSS) vulnerability affecting Microsoft Dynamics 365 Business Central (notably 2020 Release Wave 2 Update 17.10 and 2021 Release Wave 1 Update 18.5). The issue allows arbitrary script execution in the browser when visiting the Dynamics BC Control, as descr...
CVE-2021-1724
CVE-2021-1724 corresponds to a Cross-site Scripting vulnerability in Microsoft Dynamics Business Central. The connected data confirms an XSS issue caused by improper validation of user-supplied input in the web-facing Links and Notes feature, which authenticated attackers can exploit by crafting ...