KLA12287
XSS vulnerability in Microsoft Dynamics

Updated: 09/16/2021
Detect date
?
09/14/2021
Severity
?
High
Description

A cross-site-scripting (XSS) vulnerability was found in Microsoft Dynamics. Malicious users can exploit this vulnerability to perform cross-site scripting attack.

Affected products

Microsoft Dynamics 365 Business Central 2021 Release Wave 1 - Update 18.5
Microsoft Dynamics 365 Business Central 2020 Release Wave 2 – Update 17.10

Solution

Install necessary updates from the KB section, that are listed in your Windows Update (Windows Update usually can be accessed from the Control Panel)

Original advisories

CVE-2021-40440

Impacts
?
XSS/CSS 
[?]
Related products
Microsoft Dynamics 365
CVE-IDS
?
CVE-2021-404400.0Unknown
KB list

5006076
5006075

Find out the statistics of the vulnerabilities spreading in your region