Microsoft: >> Dynamics 365 >> 7.0 Security Vulnerabilities
Improper neutralization of input during web page generation ('cross-site scripting') in Dynamics 365 Field Service (online) allows an authorized attacker to perform spoofing over a network.
CVSS Score
8.7
EPSS Score
0.001
Published
2025-11-11
Improper neutralization of input during web page generation ('cross-site scripting') in Dynamics 365 Field Service (online) allows an authorized attacker to perform spoofing over a network.
CVSS Score
8.7
EPSS Score
0.001
Published
2025-11-11
Weak authentication in Microsoft Dynamics 365 allows an unauthenticated attacker to elevate privileges over a network.
CVSS Score
9.0
EPSS Score
0.015
Published
2024-07-31
A cross site scripting vulnerability exists when Microsoft Dynamics 365 (on-premises) does not properly sanitize a specially crafted web request to an affected Dynamics server, aka 'Microsoft Dynamics 365 (On-Premise) Cross Site Scripting Vulnerability'.
CVSS Score
5.4
EPSS Score
0.007
Published
2020-01-14