KLA12168
XSS vulnerability in Microsoft Dynamics

Updated: 05/12/2021
Detect date
?
05/11/2021
Severity
?
High
Description

A cross-site-scripting (XSS) vulnerability was found in Microsoft Dynamics. Malicious users can exploit this vulnerability to spoof user interface.

Affected products

Dynamics 365 for Finance and Operations

Solution

Install necessary updates from the KB section, that are listed in your Windows Update (Windows Update usually can be accessed from the Control Panel)

Original advisories

CVE-2021-28461

Impacts
?
SUI 
[?]
Related products
Microsoft Dynamics 365
CVE-IDS
?
CVE-2021-284615.0Critical
Find out the statistics of the vulnerabilities spreading in your region