KLA11382
SUI vulnerability in Microsoft Dynamics
Обновлено: 26/06/2019
Дата обнаружения
11/12/2018
Уровень угрозы
High
Описание

Cross-site-scripting (XSS) vulnerability was found in Microsoft Dynamics NAV. Malicious users can exploit this vulnerability remotely via specially crafted web page to spoof user interface.

Пораженные продукты

Microsoft Dynamics NAV 2017
Microsoft Dynamics NAV 2016

Решение

Install necessary updates from the KB section, that are listed in your Windows Update (Windows Update usually can be accessed from the Control Panel)

Первичный источник обнаружения
CVE-2018-8651
Оказываемое влияние
?
SUI 
[?]
Связанные продукты
Microsoft Dynamics 365
CVE-IDS
KB list

4479233
4479232
4482986

Microsoft official advisories
Microsoft Security Update Guide