KLA61356
Multiple vulnerabilities in Microsoft Dynamics

Multiple vulnerabilities were found in Microsoft Dynamics. Malicious users can exploit these vulnerabilities to cause denial of service, spoof user interface, obtain sensitive information.

Below is a complete list of vulnerabilities:

1. A denial of service vulnerability in Microsoft Common Data Model SDK can be exploited remotely to cause denial of service.
2. A cross-site-scripting (XSS) vulnerability Microsoft Dynamics 365 (on-premises) can be exploited remotely to spoof user interface.
3. An information disclosure vulnerability in Microsoft Dynamics 365 (On-Premises) can be exploited remotely to obtain sensitive information.

Microsoft Common Data Model SDK for Java
Microsoft Common Data Model SDK for C#
Microsoft Common Data Model SDK for Python
Microsoft Common Data Model SDK for TypeScript
Microsoft Dynamics 365 (on-premises) version 9.0
Microsoft Dynamics 365 (on-premises) version 9.1

Install necessary updates from the KB section, that are listed in your Windows Update (Windows Update usually can be accessed from the Control Panel)

5026501
5026500
5029396
5030608
5031500
5031499