89 matches found
CVE-2021-41353
Microsoft Dynamics 365 (on-premises) Spoofing Vulnerability
CVE-2020-1591
A cross site scripting vulnerability exists when Microsoft Dynamics 365 (on-premises) does not properly sanitize a specially crafted web request to an affected Dynamics server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected Dynamics s...
CVE-2020-16862
A remote code execution vulnerability exists in Microsoft Dynamics 365 (on-premises) when the server fails to properly sanitize web requests to an affected Dynamics server. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the SQL service account.An...
CVE-2024-38211
Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability
CVE-2023-35335
Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability
CVE-2023-36030
Microsoft Dynamics 365 Sales Spoofing Vulnerability
CVE-2024-35263
Microsoft Dynamics 365 (On-Premises) Information Disclosure Vulnerability
CVE-2018-8609
A remote code execution vulnerability exists in Microsoft Dynamics 365 (on-premises) version 8 when the server fails to properly sanitize web requests to an affected Dynamics server, aka "Microsoft Dynamics 365 (on-premises) version 8 Remote Code Execution Vulnerability." This affects Microsoft Dyn...
CVE-2020-1063
A cross site scripting vulnerability exists when Microsoft Dynamics 365 (on-premises) does not properly sanitize a specially crafted web request to an affected Dynamics server, aka 'Microsoft Dynamics 365 (On-Premise) Cross Site Scripting Vulnerability'.
CVE-2020-16878
A cross site scripting vulnerability exists when Microsoft Dynamics 365 (on-premises) does not properly sanitize a specially crafted web request to an affected Dynamics server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected Dynamics s...
CVE-2023-33171
Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability
CVE-2024-38182
Weak authentication in Microsoft Dynamics 365 allows an unauthenticated attacker to elevate privileges over a network.
CVE-2021-40457
Microsoft Dynamics 365 Customer Engagement Cross-Site Scripting Vulnerability
CVE-2018-8654
An elevation of privilege vulnerability exists in Microsoft Dynamics 365 Server, aka 'Microsoft Dynamics 365 Elevation of Privilege Vulnerability'.
CVE-2020-16860
A remote code execution vulnerability exists in Microsoft Dynamics 365 (on-premises) when the server fails to properly sanitize web requests to an affected Dynamics server. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the SQL service account.An...
CVE-2023-38164
Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability
CVE-2020-16858
A cross site scripting vulnerability exists when Microsoft Dynamics 365 (on-premises) does not properly sanitize a specially crafted web request to an affected Dynamics server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected Dynamics s...
CVE-2023-36886
Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability
CVE-2024-30061
Microsoft Dynamics 365 (On-Premises) Information Disclosure Vulnerability
CVE-2020-17018
Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability
CVE-2018-8605
A cross site scripting vulnerability exists when Microsoft Dynamics 365 (on-premises) version 8 does not properly sanitize a specially crafted web request to an affected Dynamics server, aka "Microsoft Dynamics 365 (on-premises) version 8 Cross Site Scripting Vulnerability." This affects Microsoft ...
CVE-2019-1375
A cross site scripting vulnerability exists when Microsoft Dynamics 365 (on-premises) does not properly sanitize a specially crafted web request to an affected Dynamics server, aka 'Microsoft Dynamics 365 (On-Premise) Cross Site Scripting Vulnerability'.
CVE-2020-16859
A cross site scripting vulnerability exists when Microsoft Dynamics 365 (on-premises) does not properly sanitize a specially crafted web request to an affected Dynamics server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected Dynamics s...
CVE-2020-16871
A cross site scripting vulnerability exists when Microsoft Dynamics 365 (on-premises) does not properly sanitize a specially crafted web request to an affected Dynamics server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected Dynamics s...
CVE-2020-16861
A cross site scripting vulnerability exists when Microsoft Dynamics 365 (on-premises) does not properly sanitize a specially crafted web request to an affected Dynamics server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected Dynamics s...
CVE-2020-17005
Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability
CVE-2023-35621
Microsoft Dynamics 365 Finance and Operations Denial of Service Vulnerability
CVE-2018-8606
A cross site scripting vulnerability exists when Microsoft Dynamics 365 (on-premises) version 8 does not properly sanitize a specially crafted web request to an affected Dynamics server, aka "Microsoft Dynamics 365 (on-premises) version 8 Cross Site Scripting Vulnerability." This affects Microsoft ...
CVE-2020-16872
A cross site scripting vulnerability exists when Microsoft Dynamics 365 (on-premises) does not properly sanitize a specially crafted web request to an affected Dynamics server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected Dynamics s...
CVE-2018-8608
A cross site scripting vulnerability exists when Microsoft Dynamics 365 (on-premises) version 8 does not properly sanitize a specially crafted web request to an affected Dynamics server, aka "Microsoft Dynamics 365 (on-premises) version 8 Cross Site Scripting Vulnerability." This affects Microsoft ...
CVE-2023-36800
Dynamics Finance and Operations Cross-site Scripting Vulnerability
CVE-2020-16864
A cross site scripting vulnerability exists when Microsoft Dynamics 365 (on-premises) does not properly sanitize a specially crafted web request to an affected Dynamics server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected Dynamics s...
CVE-2023-36429
Microsoft Dynamics 365 (On-Premises) Information Disclosure Vulnerability
CVE-2023-36416
Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability
CVE-2018-8607
A cross site scripting vulnerability exists when Microsoft Dynamics 365 (on-premises) version 8 does not properly sanitize a specially crafted web request to an affected Dynamics server, aka "Microsoft Dynamics 365 (on-premises) version 8 Cross Site Scripting Vulnerability." This affects Microsoft ...
CVE-2024-43476
Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability
CVE-2023-36020
Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability
CVE-2023-36433
Microsoft Dynamics 365 (On-Premises) Information Disclosure Vulnerability
CVE-2025-49715
Exposure of private personal information to an unauthorized actor in Dynamics 365 FastTrack Implementation Assets allows an unauthorized attacker to disclose information over a network.