Lucene search

MicrosoftVULNRICHMENT:CVE-2024-43476

HistorySep 10, 2024 - 4:54 p.m.

CVE-2024-43476 Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability

2024-09-1016:54:17

CWE-79

microsoft

github.com

cve-2024

microsoft

dynamics 365

cross-site scripting

CVSS3

7.6

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:L/A:N/E:U/RL:O/RC:C

EPSS

0.001

Percentile

18.9%

SSVC

Exploitation

none

Automatable

Technical Impact

partial

JSON

References

msrc.microsoft.com/update-guide/vulnerability/CVE-2024-43476