KLA11382
SUI vulnerability in Microsoft Dynamics
Updated: 03/07/2019
Detect date
?
12/11/2018
Severity
?
High
Description

Cross-site-scripting (XSS) vulnerability was found in Microsoft Dynamics NAV. Malicious users can exploit this vulnerability remotely via specially crafted web page to spoof user interface.

Affected products

Microsoft Dynamics NAV 2017
Microsoft Dynamics NAV 2016

Solution

Install necessary updates from the KB section, that are listed in your Windows Update (Windows Update usually can be accessed from the Control Panel)

Original advisories

CVE-2018-8651

Impacts
?
SUI 
[?]
Related products
Microsoft Dynamics 365
CVE-IDS
?

CVE-2018-8651

KB list

4479233
4479232
4482986

Microsoft official advisories
Microsoft Security Update Guide