VYPR

Dynamics 365 (on-premises)

by Microsoft

CVEs (70)

  • CVE-2020-0656MedJan 14, 2020
    risk 0.35cvss 5.4epss 0.01

    A cross site scripting vulnerability exists when Microsoft Dynamics 365 (on-premises) does not properly sanitize a specially crafted web request to an affected Dynamics server, aka 'Microsoft Dynamics 365 (On-Premise) Cross Site Scripting Vulnerability'.

  • CVE-2019-1375MedOct 10, 2019
    risk 0.35cvss 5.4epss 0.01

    A cross site scripting vulnerability exists when Microsoft Dynamics 365 (on-premises) does not properly sanitize a specially crafted web request to an affected Dynamics server, aka 'Microsoft Dynamics 365 (On-Premise) Cross Site Scripting Vulnerability'.

  • CVE-2018-8608MedNov 14, 2018
    risk 0.35cvss 5.4epss 0.01

    A cross site scripting vulnerability exists when Microsoft Dynamics 365 (on-premises) version 8 does not properly sanitize a specially crafted web request to an affected Dynamics server, aka "Microsoft Dynamics 365 (on-premises) version 8 Cross Site Scripting Vulnerability."…

  • CVE-2018-8607MedNov 14, 2018
    risk 0.35cvss 5.4epss 0.01

    A cross site scripting vulnerability exists when Microsoft Dynamics 365 (on-premises) version 8 does not properly sanitize a specially crafted web request to an affected Dynamics server, aka "Microsoft Dynamics 365 (on-premises) version 8 Cross Site Scripting Vulnerability."…

  • CVE-2018-8606MedNov 14, 2018
    risk 0.35cvss 5.4epss 0.01

    A cross site scripting vulnerability exists when Microsoft Dynamics 365 (on-premises) version 8 does not properly sanitize a specially crafted web request to an affected Dynamics server, aka "Microsoft Dynamics 365 (on-premises) version 8 Cross Site Scripting Vulnerability."…

  • CVE-2018-8605MedNov 14, 2018
    risk 0.35cvss 5.4epss 0.01

    A cross site scripting vulnerability exists when Microsoft Dynamics 365 (on-premises) version 8 does not properly sanitize a specially crafted web request to an affected Dynamics server, aka "Microsoft Dynamics 365 (on-premises) version 8 Cross Site Scripting Vulnerability."…

  • CVE-2025-58112Mar 18, 2026
    risk 0.00cvss epss 0.00

    Microsoft Dynamics 365 Customer Engagement (on-premises) 1612 (9.0.2.3034) allows the generation of customized reports via raw SQL queries in an upload of a .rdl (Report Definition Language) file; this is then processed by the SQL Server Reporting Service. An account with the…

  • CVE-2025-62206Nov 11, 2025
    risk 0.00cvss epss 0.01

    Exposure of sensitive information to an unauthorized actor in Microsoft Dynamics 365 (on-premises) allows an unauthorized attacker to disclose information over a network.

  • CVE-2025-53728Aug 12, 2025
    risk 0.00cvss epss 0.01

    Exposure of sensitive information to an unauthorized actor in Microsoft Dynamics 365 (on-premises) allows an unauthorized attacker to disclose information over a network.

  • CVE-2025-49745Aug 12, 2025
    risk 0.00cvss epss 0.00

    Improper neutralization of input during web page generation ('cross-site scripting') in Microsoft Dynamics 365 (on-premises) allows an unauthorized attacker to perform spoofing over a network.

Page 4 of 4