Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Dynamics_365
(Microsoft)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 86 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2020-09-11 | CVE-2020-16871 | <p>A cross site scripting vulnerability exists when Microsoft Dynamics 365 (on-premises) does not properly sanitize a specially crafted web request to an affected Dynamics server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected Dynamics server.</p> <p>The attacker who successfully exploited the vulnerability could then perform cross-site scripting attacks on affected systems and run script in the security context of the current... | Dynamics_365 | N/A | ||
| 2020-09-11 | CVE-2020-16872 | <p>A cross site scripting vulnerability exists when Microsoft Dynamics 365 (on-premises) does not properly sanitize a specially crafted web request to an affected Dynamics server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected Dynamics server.</p> <p>The attacker who successfully exploited the vulnerability could then perform cross-site scripting attacks on affected systems and run script in the security context of the current... | Dynamics_365 | N/A | ||
| 2020-09-11 | CVE-2020-16878 | <p>A cross site scripting vulnerability exists when Microsoft Dynamics 365 (on-premises) does not properly sanitize a specially crafted web request to an affected Dynamics server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected Dynamics server.</p> <p>The attacker who successfully exploited the vulnerability could then perform cross-site scripting attacks on affected systems and run script in the security context of the current... | Dynamics_365 | N/A | ||
| 2020-10-16 | CVE-2020-16943 | <p>An elevation of privilege vulnerability exists in Microsoft Dynamics 365 Commerce. An unauthenticated attacker who successfully exploited this vulnerability could update data without proper authorization.</p> <p>To exploit the vulnerability, an attacker would need to send a specially crafted request to an affected server.</p> <p>The security update addresses the vulnerability by correcting how Microsoft Dynamics 365 Commerce performs authorization checks.</p> | Dynamics_365 | N/A | ||
| 2020-10-16 | CVE-2020-16956 | <p>A cross site scripting vulnerability exists when Microsoft Dynamics 365 (on-premises) does not properly sanitize a specially crafted web request to an affected Dynamics server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected Dynamics server.</p> <p>The attacker who successfully exploited the vulnerability could then perform cross-site scripting attacks on affected systems and run script in the security context of the current... | Dynamics_365 | N/A | ||
| 2020-10-16 | CVE-2020-16978 | <p>A cross site scripting vulnerability exists when Microsoft Dynamics 365 (on-premises) does not properly sanitize a specially crafted web request to an affected Dynamics server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected Dynamics server.</p> <p>The attacker who successfully exploited the vulnerability could then perform cross-site scripting attacks on affected systems and run script in the security context of the current... | Dynamics_365 | N/A | ||
| 2020-11-11 | CVE-2020-17005 | Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability | Dynamics_365 | N/A | ||
| 2020-11-11 | CVE-2020-17018 | Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability | Dynamics_365 | N/A | ||
| 2020-11-11 | CVE-2020-17021 | Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability | Dynamics_365 | N/A | ||
| 2020-12-10 | CVE-2020-17147 | Dynamics CRM Webclient Cross-site Scripting Vulnerability | Dynamics_365 | N/A |