Microsoft Dynamics 365 Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) Vulnerability


Microsoft Dynamics 365 suffers from improper neutralization of input during web page generation (‘Cross-site Scripting’) vulnerability


The information has been provided by Vendor

The original article can be found at:


A cross site scripting vulnerability exists when Microsoft Dynamics 365 (on-premises) does not properly sanitize a specially crafted web request to an affected Dynamics server, aka ‘Microsoft Dynamics 365 (On-Premise) Cross Site Scripting Vulnerability’.


Vulnerable Systems:

Microsoft Dynamics 365


CVE Information:



Disclosure Timeline:
Published Date:5/21/2020

Categories: FeaturedNews