Microsoft Dynamics 365 Improper Neutralization of Input During Web Page Generation (‘Cross-site Scripting’) Vulnerability

Summary

Microsoft Dynamics 365 suffers from improper neutralization of input during web page generation (‘Cross-site Scripting’) vulnerability

Credit:

The information has been provided by Vendor

The original article can be found at:https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1063


Details

A cross site scripting vulnerability exists when Microsoft Dynamics 365 (on-premises) does not properly sanitize a specially crafted web request to an affected Dynamics server, aka ‘Microsoft Dynamics 365 (On-Premise) Cross Site Scripting Vulnerability’.

 

Vulnerable Systems:

Microsoft Dynamics 365

 

CVE Information:

CVE-2020-1063

 

Disclosure Timeline:
Published Date:5/21/2020

Categories: FeaturedNews