Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability. On successful exploitation, the attacker is only able to modify the content of the vulnerable link to redirect the victim to a malicious site. Limited information from the victim's browser associated with the vulnerable URL can be sent to the attacker by the malicious code.