Lucene search

K
MicrosoftDynamics 365

22 matches found

CVE
CVE
added 2020/10/16 11:15 p.m.134 views

CVE-2020-16943

An elevation of privilege vulnerability exists in Microsoft Dynamics 365 Commerce. An unauthenticated attacker who successfully exploited this vulnerability could update data without proper authorization.To exploit the vulnerability, an attacker would need to send a specially crafted request to an ...

6.5CVSS6.3AI score0.00574EPSS
CVE
CVE
added 2020/10/16 11:15 p.m.132 views

CVE-2020-16956

A cross site scripting vulnerability exists when Microsoft Dynamics 365 (on-premises) does not properly sanitize a specially crafted web request to an affected Dynamics server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected Dynamics s...

5.4CVSS4.9AI score0.01314EPSS
CVE
CVE
added 2020/10/16 11:15 p.m.125 views

CVE-2020-16978

A cross site scripting vulnerability exists when Microsoft Dynamics 365 (on-premises) does not properly sanitize a specially crafted web request to an affected Dynamics server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected Dynamics s...

5.4CVSS4.9AI score0.01346EPSS
CVE
CVE
added 2020/12/10 12:15 a.m.121 views

CVE-2020-17152

Microsoft Dynamics 365 for Finance and Operations (on-premises) Remote Code Execution Vulnerability

8.8CVSS8.9AI score0.11968EPSS
CVE
CVE
added 2020/12/10 12:15 a.m.118 views

CVE-2020-17158

Microsoft Dynamics 365 for Finance and Operations (on-premises) Remote Code Execution Vulnerability

8.8CVSS8.9AI score0.11968EPSS
CVE
CVE
added 2020/12/10 12:15 a.m.97 views

CVE-2020-17147

Dynamics CRM Webclient Cross-site Scripting Vulnerability

8.7CVSS8.4AI score0.00749EPSS
CVE
CVE
added 2020/01/14 11:15 p.m.80 views

CVE-2020-0656

A cross site scripting vulnerability exists when Microsoft Dynamics 365 (on-premises) does not properly sanitize a specially crafted web request to an affected Dynamics server, aka 'Microsoft Dynamics 365 (On-Premise) Cross Site Scripting Vulnerability'.

5.4CVSS5AI score0.00716EPSS
CVE
CVE
added 2020/11/11 7:15 a.m.78 views

CVE-2020-17021

Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability

5.4CVSS5.2AI score0.00767EPSS
CVE
CVE
added 2020/08/17 7:15 p.m.77 views

CVE-2020-1591

A cross site scripting vulnerability exists when Microsoft Dynamics 365 (on-premises) does not properly sanitize a specially crafted web request to an affected Dynamics server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected Dynamics s...

5.4CVSS5.2AI score0.00971EPSS
CVE
CVE
added 2020/09/11 5:15 p.m.77 views

CVE-2020-16862

A remote code execution vulnerability exists in Microsoft Dynamics 365 (on-premises) when the server fails to properly sanitize web requests to an affected Dynamics server. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the SQL service account.An...

8.8CVSS7.3AI score0.0426EPSS
CVE
CVE
added 2020/05/21 11:15 p.m.73 views

CVE-2020-1063

A cross site scripting vulnerability exists when Microsoft Dynamics 365 (on-premises) does not properly sanitize a specially crafted web request to an affected Dynamics server, aka 'Microsoft Dynamics 365 (On-Premise) Cross Site Scripting Vulnerability'.

5.4CVSS5.2AI score0.01111EPSS
CVE
CVE
added 2020/09/11 5:15 p.m.73 views

CVE-2020-16878

A cross site scripting vulnerability exists when Microsoft Dynamics 365 (on-premises) does not properly sanitize a specially crafted web request to an affected Dynamics server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected Dynamics s...

5.4CVSS5.2AI score0.00416EPSS
CVE
CVE
added 2020/01/24 9:15 p.m.69 views

CVE-2018-8654

An elevation of privilege vulnerability exists in Microsoft Dynamics 365 Server, aka 'Microsoft Dynamics 365 Elevation of Privilege Vulnerability'.

6.5CVSS6.4AI score0.05866EPSS
CVE
CVE
added 2020/09/11 5:15 p.m.69 views

CVE-2020-16860

A remote code execution vulnerability exists in Microsoft Dynamics 365 (on-premises) when the server fails to properly sanitize web requests to an affected Dynamics server. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the SQL service account.An...

8.8CVSS7.2AI score0.02924EPSS
CVE
CVE
added 2020/09/11 5:15 p.m.67 views

CVE-2020-16858

A cross site scripting vulnerability exists when Microsoft Dynamics 365 (on-premises) does not properly sanitize a specially crafted web request to an affected Dynamics server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected Dynamics s...

5.4CVSS5.3AI score0.00408EPSS
CVE
CVE
added 2020/11/11 7:15 a.m.66 views

CVE-2020-17018

Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability

5.4CVSS5.2AI score0.00684EPSS
CVE
CVE
added 2020/09/11 5:15 p.m.64 views

CVE-2020-16859

A cross site scripting vulnerability exists when Microsoft Dynamics 365 (on-premises) does not properly sanitize a specially crafted web request to an affected Dynamics server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected Dynamics s...

5.4CVSS5.3AI score0.00408EPSS
CVE
CVE
added 2020/09/11 5:15 p.m.64 views

CVE-2020-16871

A cross site scripting vulnerability exists when Microsoft Dynamics 365 (on-premises) does not properly sanitize a specially crafted web request to an affected Dynamics server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected Dynamics s...

5.4CVSS5.2AI score0.00408EPSS
CVE
CVE
added 2020/09/11 5:15 p.m.63 views

CVE-2020-16861

A cross site scripting vulnerability exists when Microsoft Dynamics 365 (on-premises) does not properly sanitize a specially crafted web request to an affected Dynamics server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected Dynamics s...

5.4CVSS5.2AI score0.00551EPSS
CVE
CVE
added 2020/11/11 7:15 a.m.63 views

CVE-2020-17005

Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability

5.4CVSS5.2AI score0.00767EPSS
CVE
CVE
added 2020/09/11 5:15 p.m.60 views

CVE-2020-16872

A cross site scripting vulnerability exists when Microsoft Dynamics 365 (on-premises) does not properly sanitize a specially crafted web request to an affected Dynamics server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected Dynamics s...

7.6CVSS6.9AI score0.00518EPSS
CVE
CVE
added 2020/09/11 5:15 p.m.58 views

CVE-2020-16864

A cross site scripting vulnerability exists when Microsoft Dynamics 365 (on-premises) does not properly sanitize a specially crafted web request to an affected Dynamics server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected Dynamics s...

5.4CVSS5.3AI score0.00541EPSS