CVE-2024-21328

HIGH7.6Cross-site scripting

JSON export Create alert

Description

Dynamics 365 Sales Spoofing Vulnerability

CVSS breakdown

CVSS 3.1

Attack Vector

Network

Attack Complexity

Low

Privileges Required

Low

User Interaction

Required

Scope

Changed

Confidentiality

High

Integrity

Low

Availability

None

E

Unchanged

RL

O

RC

Changed

Affected products

Microsoft / Microsoft Dynamics 365 (on-premises) version 9.19.0 – 9.1.25.17

References

VENDOR_ADVISORYhttps://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-21328