Download
| Alert*
oval:org.secpod.oval:def:59471
Microsoft Dynamics 365 is installed oval:org.secpod.oval:def:59472 A cross site scripting vulnerability exists when Microsoft Dynamics 365 (on-premises) does not properly sanitize a specially crafted web request to an affected Dynamics server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected Dynamics se ... oval:org.secpod.oval:def:59473 The host is missing an important security update for KB4515519 oval:org.secpod.oval:def:83950 Microsoft Dynamics CRM (on-premises) Remote Code Execution Vulnerability. oval:org.secpod.oval:def:83949 Microsoft Dynamics CRM (on-premises) Remote Code Execution Vulnerability. oval:org.secpod.oval:def:78860 Microsoft Dynamics 365 (on-premises) Remote Code Execution Vulnerability. oval:org.secpod.oval:def:69005 Microsoft Dynamics 365 (on-premises) Dataverse Information Disclosure Vulnerability. oval:org.secpod.oval:def:67645 The host is installed with Microsft Dynamics 365 9.0 before 9.0.23.7 and is prone to a cross-site scripting vulnerability. A flaw is present in the application, which fails to handle unspecified vectors. Successful exploitation of this vulnerability may allow a remote attacker to perform cross-site ... oval:org.secpod.oval:def:67646 The host is missing an important security update for KB4595459 oval:org.secpod.oval:def:66852 The host is missing an important security update for KB4584611 oval:org.secpod.oval:def:66855 The disclosed vulnerability allows a remote attacker to perform cross-site scripting (XSS) attacks. The vulnerability exists due to insufficient sanitization of user-supplied data. A remote authenticated attacker can trick the victim to follow a specially crafted link and execute arbitrary HTML and ... oval:org.secpod.oval:def:66854 The disclosed vulnerability allows a remote attacker to perform cross-site scripting (XSS) attacks. The vulnerability exists due to insufficient sanitization of user-supplied data. A remote authenticated attacker can trick the victim to follow a specially crafted link and execute arbitrary HTML and ... oval:org.secpod.oval:def:66853 The disclosed vulnerability allows a remote attacker to perform cross-site scripting (XSS) attacks. The vulnerability exists due to insufficient sanitization of user-supplied data. A remote authenticated attacker can trick the victim to follow a specially crafted link and execute arbitrary HTML and ... oval:org.secpod.oval:def:66027 The host is missing an important security update for KB4578106 oval:org.secpod.oval:def:66029 A cross site scripting vulnerability exists when Microsoft Dynamics 365 (on-premises) does not properly sanitize a specially crafted web request to an affected Dynamics server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected Dynamics se ... oval:org.secpod.oval:def:66028 A cross site scripting vulnerability exists when Microsoft Dynamics 365 (on-premises) does not properly sanitize a specially crafted web request to an affected Dynamics server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected Dynamics se ... oval:org.secpod.oval:def:65466 A cross site scripting vulnerability exists when Microsoft Dynamics 365 (on-premises) does not properly sanitize a specially crafted web request to an affected Dynamics server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected Dynamics se ... oval:org.secpod.oval:def:65467 A cross site scripting vulnerability exists when Microsoft Dynamics 365 (on-premises) does not properly sanitize a specially crafted web request to an affected Dynamics server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected Dynamics se ... oval:org.secpod.oval:def:65468 The host is missing an important security update for KB4574742 oval:org.secpod.oval:def:65476 A cross site scripting vulnerability exists when Microsoft Dynamics 365 (on-premises) does not properly sanitize a specially crafted web request to an affected Dynamics server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected Dynamics se ... oval:org.secpod.oval:def:65477 A cross site scripting vulnerability exists when Microsoft Dynamics 365 (on-premises) does not properly sanitize a specially crafted web request to an affected Dynamics server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected Dynamics se ... oval:org.secpod.oval:def:65478 The host is missing an important security update for KB4574742 oval:org.secpod.oval:def:65472 A cross site scripting vulnerability exists when Microsoft Dynamics 365 (on-premises) does not properly sanitize a specially crafted web request to an affected Dynamics server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected Dynamics se ... oval:org.secpod.oval:def:65473 A remote code execution vulnerability exists in Microsoft Dynamics 365 (on-premises) when the server fails to properly sanitize web requests to an affected Dynamics server. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the SQL service account. ... oval:org.secpod.oval:def:65474 A cross site scripting vulnerability exists when Microsoft Dynamics 365 (on-premises) does not properly sanitize a specially crafted web request to an affected Dynamics server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected Dynamics se ... oval:org.secpod.oval:def:65475 A cross site scripting vulnerability exists when Microsoft Dynamics 365 (on-premises) does not properly sanitize a specially crafted web request to an affected Dynamics server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected Dynamics se ... oval:org.secpod.oval:def:65462 A cross site scripting vulnerability exists when Microsoft Dynamics 365 (on-premises) does not properly sanitize a specially crafted web request to an affected Dynamics server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected Dynamics se ... oval:org.secpod.oval:def:65463 A remote code execution vulnerability exists in Microsoft Dynamics 365 (on-premises) when the server fails to properly sanitize web requests to an affected Dynamics server. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the SQL service account. ... oval:org.secpod.oval:def:65464 A cross site scripting vulnerability exists when Microsoft Dynamics 365 (on-premises) does not properly sanitize a specially crafted web request to an affected Dynamics server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected Dynamics se ... oval:org.secpod.oval:def:65465 A cross site scripting vulnerability exists when Microsoft Dynamics 365 (on-premises) does not properly sanitize a specially crafted web request to an affected Dynamics server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected Dynamics se ... oval:org.secpod.oval:def:65469 A cross site scripting vulnerability exists when Microsoft Dynamics 365 (on-premises) does not properly sanitize a specially crafted web request to an affected Dynamics server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected Dynamics se ... oval:org.secpod.oval:def:65470 A cross site scripting vulnerability exists when Microsoft Dynamics 365 (on-premises) does not properly sanitize a specially crafted web request to an affected Dynamics server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected Dynamics se ... oval:org.secpod.oval:def:65471 A remote code execution vulnerability exists in Microsoft Dynamics 365 (on-premises) when the server fails to properly sanitize web requests to an affected Dynamics server. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the SQL service account. ... oval:org.secpod.oval:def:65459 A cross site scripting vulnerability exists when Microsoft Dynamics 365 (on-premises) does not properly sanitize a specially crafted web request to an affected Dynamics server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected Dynamics se ... oval:org.secpod.oval:def:65460 A cross site scripting vulnerability exists when Microsoft Dynamics 365 (on-premises) does not properly sanitize a specially crafted web request to an affected Dynamics server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected Dynamics se ... oval:org.secpod.oval:def:65461 A remote code execution vulnerability exists in Microsoft Dynamics 365 (on-premises) when the server fails to properly sanitize web requests to an affected Dynamics server. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the SQL service account. ... oval:org.secpod.oval:def:64938 A cross site scripting vulnerability exists when Microsoft Dynamics 365 (on-premises) does not properly sanitize a specially crafted web request to an affected Dynamics server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected Dynamics se ... oval:org.secpod.oval:def:64939 The host is missing an important security update for KB4541722 oval:org.secpod.oval:def:98470 Dynamics 365 Cross-site Scripting Vulnerability. An authorized attacker with read/write privileges must send a victim a malicious email, or share the link to a malicious email, and convince them to open it to be compromised by the attacker. The attacker is only able to modify the content of the vuln ... oval:org.secpod.oval:def:98471 The host is missing an important security update for KB5035697 oval:org.secpod.oval:def:10000766 Dynamics 365 Information Disclosure Vulnerability. Any authenticated attacker could trigger this vulnerability. It does not require admin or other elevated privileges. This vulnerability allows exfiltration of all the data that the logged-in user can access. oval:org.secpod.oval:def:10000767 The host is missing an important security update for KB5039459 |