Cross-site scripting Vulnerability in Microsoft Dynamics 365

Vulnerability note CIVN-2020-0012

A vulnerability has been reported in Microsoft Dynamics 365 (on-premises) which could be exploited bu an attacker to perform
cross-site scripting attack and run scripts in the context of the current user on a targeted system.

Description 

This vulnerability exists in MIcros Dynamics 365 (on-premises) due to improper sanitization of web requests by the affected software. An attacker could exploit this vulnerability by sending a specially crafted web request to an affected system.


Successful exploitation of this vulnerability could allow the attacker to perform unauthorized actions in the context of the current user
such as reading, modifying, or deleting content, or injecting malicious content in the browser of the target system.

Comments

Popular posts from this blog

Some Dark web Links

How to join Cyber Cell or Cyber Crime Department in India || Exam or Direct or Skills???

ATM HACKING TOOL TRENDING ON DARK WEB