cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2024-43476,https://securityvulnerability.io/vulnerability/CVE-2024-43476,Cross-site Scripting Vulnerability in Microsoft Dynamics 365 (on-premises),Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability,Microsoft,Microsoft Dynamics 365 (on-premises) Version 9.1,5.4,MEDIUM,0.0005200000014156103,false,,false,false,false,,,false,false,,2024-09-10T16:54:17.526Z,0
CVE-2024-38211,https://securityvulnerability.io/vulnerability/CVE-2024-38211,Cross-site Scripting Vulnerability Impacts Dynamics 365 (on-premises),"A cross-site scripting vulnerability in Microsoft Dynamics 365 (on-premises) enables an attacker to inject arbitrary web script or HTML into a user's browser session. This could lead to unauthorized actions or exposure of sensitive information, as affected users may be tricked into executing scripts that compromise their security. It is crucial for organizations using Microsoft Dynamics 365 on-premises to apply necessary patches and updates to mitigate potential exploitation of this vulnerability.",Microsoft,Microsoft Dynamics 365 (on-premises) Version 9.1,8.2,HIGH,0.0014299999456852674,false,,false,false,false,,,false,false,,2024-08-13T17:30:34.256Z,0
CVE-2024-30061,https://securityvulnerability.io/vulnerability/CVE-2024-30061,Microsoft Dynamics 365 (On-Premises) Information Disclosure Vulnerability,An information disclosure vulnerability in Microsoft Dynamics 365 (On-Premises) could allow unauthorized users to access sensitive data. An attacker who successfully exploits this vulnerability could gain access to confidential information that should otherwise be protected from exposure. Organizations using Microsoft Dynamics 365 must be vigilant about their deployment and access controls to mitigate potential risks associated with this flaw.,Microsoft,Microsoft Dynamics 365 (on-premises) Version 9.1,7.3,HIGH,0.0005300000193528831,false,,false,false,false,,,false,false,,2024-07-09T17:15:00.000Z,0
CVE-2024-35263,https://securityvulnerability.io/vulnerability/CVE-2024-35263,Microsoft Dynamics 365 On-Premises Information Disclosure Vulnerability,Microsoft Dynamics 365 (On-Premises) Information Disclosure Vulnerability,Microsoft,Microsoft Dynamics 365 (on-premises) Version 9.1,5.7,MEDIUM,0.0035099999513477087,false,,false,false,false,,,false,false,,2024-06-11T17:00:08.880Z,0
CVE-2024-21419,https://securityvulnerability.io/vulnerability/CVE-2024-21419,Cross-site Scripting Vulnerability Affects Microsoft Dynamics 365 (On-premises),"A cross-site scripting vulnerability exists in Microsoft Dynamics 365 (on-premises) that could allow an attacker to execute arbitrary scripts in the context of a user's session. By exploiting this vulnerability, an unauthorized user could potentially gain access to sensitive information, manipulate user sessions, or redirect users to malicious websites. It is essential for organizations using affected versions of Microsoft Dynamics 365 to assess their security posture and apply the necessary mitigations to prevent exploitation.",Microsoft,Microsoft Dynamics 365 (on-premises) Version 9.1,7.6,HIGH,0.0005000000237487257,false,,false,false,false,,,false,false,,2024-03-12T16:58:00.401Z,0
CVE-2024-21395,https://securityvulnerability.io/vulnerability/CVE-2024-21395,Cross-site Scripting Vulnerability Affects Microsoft Dynamics 365 (On-premises),"The Microsoft Dynamics 365 (on-premises) Cross-site Scripting vulnerability presents significant security risks for user data and sessions. This vulnerability can allow attackers to inject malicious scripts into web pages, potentially compromising user interactions and allowing unauthorized access to sensitive information. Organizations utilizing this product must prioritize security measures to mitigate the risks associated with this vulnerability.",Microsoft,Microsoft Dynamics 365 (on-premises) Version 9.1,8.2,HIGH,0.0004799999878741801,false,,false,false,false,,,false,false,,2024-02-13T18:02:45.175Z,0
CVE-2024-21328,https://securityvulnerability.io/vulnerability/CVE-2024-21328,Microsoft Dynamics 365 Sales Spoofing Vulnerability: What You Need to Know,"The spoofing vulnerability in Dynamics 365 Sales allows attackers to impersonate legitimate users, potentially gaining unauthorized access to sensitive information and operating within the application as if they were a trusted entity. Exploitation of this vulnerability could lead to manipulation of data or services, creating significant risks for organizations that rely on this CRM platform for customer engagement and sales operations. Vigilance in monitoring and applying security patches is essential to mitigate associated risks.",Microsoft,Microsoft Dynamics 365 (on-premises) Version 9.1,7.6,HIGH,0.0005300000193528831,false,,false,false,false,,,false,false,,2024-02-13T18:02:28.777Z,0
CVE-2024-21396,https://securityvulnerability.io/vulnerability/CVE-2024-21396,Dynamics 365 Sales Spoofing Vulnerability,"The vulnerability in Dynamics 365 Sales allows an attacker to spoof legitimate users, potentially leading to unauthorized access and manipulation of sensitive data. This could compromise user authentication processes, resulting in significant security risks often associated with identity verification failures. As organizations increasingly rely on cloud services for critical operations, awareness and prompt mitigation of such vulnerabilities are crucial for safeguarding data integrity and user trust.",Microsoft,Microsoft Dynamics 365 (on-premises) Version 9.1,7.6,HIGH,0.0005300000193528831,false,,false,false,false,,,false,false,,2024-02-13T18:02:22.505Z,0
CVE-2024-21394,https://securityvulnerability.io/vulnerability/CVE-2024-21394,Dynamics 365 Field Service Spoofing Vulnerability,"The Dynamics 365 Field Service software from Microsoft is impacted by a spoofing vulnerability that allows attackers to impersonate legitimate users, leading to potential unauthorized actions within the application. This vulnerability poses a significant risk for organizations relying on Dynamics 365 Field Service to manage their operations, as it could lead to compromised data integrity and unauthorized access. Immediate attention and remediation are recommended to mitigate potential security risks associated with this vulnerability.",Microsoft,Microsoft Dynamics 365 (on-premises) Version 9.1,7.6,HIGH,0.0005300000193528831,false,,false,false,false,,,false,false,,2024-02-13T18:02:21.915Z,0
CVE-2024-21393,https://securityvulnerability.io/vulnerability/CVE-2024-21393,Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability,"A Cross-site Scripting vulnerability in Microsoft Dynamics 365 (on-premises) allows attackers to inject malicious scripts into web pages viewed by users. This vulnerability can lead to unauthorized access to sensitive information, session hijacking, or further exploitation of the affected environment. It is crucial for users of affected versions to implement appropriate security measures to mitigate potential attacks. Regular monitoring and applying security updates as recommended by the vendor are vital for maintaining the integrity and security of your systems.",Microsoft,Microsoft Dynamics 365 (on-premises) Version 9.1,7.6,HIGH,0.0004799999878741801,false,,false,false,false,,,false,false,,2024-02-13T18:02:21.317Z,0
CVE-2024-21389,https://securityvulnerability.io/vulnerability/CVE-2024-21389,Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability,"Microsoft Dynamics 365 (on-premises) is affected by a Cross-site Scripting vulnerability that can allow an attacker to inject malicious scripts into web pages viewed by users, leading to potential data theft or unauthorized actions. This vulnerability can be exploited if an attacker manages to convince a user to click on a specially crafted link. Timely application of security updates is crucial to mitigate the risks associated with this vulnerability.",Microsoft,Microsoft Dynamics 365 (on-premises) Version 9.1,7.6,HIGH,0.0004799999878741801,false,,false,false,false,,,false,false,,2024-02-13T18:02:20.755Z,0
CVE-2023-36020,https://securityvulnerability.io/vulnerability/CVE-2023-36020,Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability,"A security flaw exists in Microsoft Dynamics 365 (on-premises) that allows attackers to inject malicious scripts into web pages viewed by users. This Cross-site Scripting vulnerability can be exploited to execute arbitrary code in the context of affected users, potentially leading to data breaches, unauthorized actions, and severe trust issues. Organizations using Microsoft Dynamics 365 (on-premises) should take immediate action to address this vulnerability to safeguard their systems and users.",Microsoft,"Microsoft Dynamics 365 (on-premises) Version 9.1,Microsoft Dynamics 365 (on-premises) Version 9.0",7.6,HIGH,0.0005200000014156103,false,,false,false,false,,,false,false,,2023-12-12T18:15:00.000Z,0
CVE-2023-36030,https://securityvulnerability.io/vulnerability/CVE-2023-36030,Microsoft Dynamics 365 Sales Spoofing Vulnerability,Microsoft Dynamics 365 Sales Spoofing Vulnerability,Microsoft,"Microsoft Dynamics 365 (on-premises) Version 9.1,Microsoft Dynamics 365 (on-premises) Version 9.0",6.1,MEDIUM,0.0007600000244565308,false,,false,false,false,,,false,false,,2023-11-14T18:15:00.000Z,0
CVE-2023-36031,https://securityvulnerability.io/vulnerability/CVE-2023-36031,Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability,"A Cross-site Scripting vulnerability exists in Microsoft Dynamics 365 (on-premises), which allows attackers to inject malicious scripts into web pages viewed by users. This could lead to the exposure of sensitive data or unauthorized actions performed on behalf of the user. It is crucial for organizations using this platform to assess their exposure and apply the necessary patches or mitigations to prevent exploitation.",Microsoft,Microsoft Dynamics 365 (on-premises) Version 9.1,7.6,HIGH,0.0005200000014156103,false,,false,false,false,,,false,false,,2023-11-14T18:15:00.000Z,0
CVE-2023-36016,https://securityvulnerability.io/vulnerability/CVE-2023-36016,Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability,Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability,Microsoft,"Microsoft Dynamics 365 (on-premises) Version 9.0,Microsoft Dynamics 365 (on-premises) Version 9.1",6.2,MEDIUM,0.0005200000014156103,false,,false,false,false,,,false,false,,2023-11-14T18:15:00.000Z,0
CVE-2023-36410,https://securityvulnerability.io/vulnerability/CVE-2023-36410,Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability,"A Cross-site Scripting (XSS) vulnerability exists in Microsoft Dynamics 365 (on-premises) that could allow an attacker to inject malicious scripts into web pages viewed by users. This vulnerability can be exploited if an attacker persuades a user to access a specially crafted web page that contains the malicious script. Successful exploitation could lead to unauthorized actions on behalf of the user, exposed session tokens, or leakage of sensitive information.",Microsoft,Microsoft Dynamics 365 (on-premises) Version 9.1,7.6,HIGH,0.0005200000014156103,false,,false,false,false,,,false,false,,2023-11-14T18:15:00.000Z,0
CVE-2023-36416,https://securityvulnerability.io/vulnerability/CVE-2023-36416,Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability,Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability,Microsoft,"Microsoft Dynamics 365 (on-premises) Version 9.1,Microsoft Dynamics 365 (on-premises) Version 9.0",6.1,MEDIUM,0.00046999999904073775,false,,false,false,false,,,false,false,,2023-10-10T18:15:00.000Z,0
CVE-2023-36429,https://securityvulnerability.io/vulnerability/CVE-2023-36429,Microsoft Dynamics 365 (On-Premises) Information Disclosure Vulnerability,Microsoft Dynamics 365 (On-Premises) Information Disclosure Vulnerability,Microsoft,"Microsoft Dynamics 365 (on-premises) Version 9.0,Microsoft Dynamics 365 (on-premises) Version 9.1",6.5,MEDIUM,0.0005000000237487257,false,,false,false,false,,,false,false,,2023-10-10T18:15:00.000Z,0
CVE-2023-36433,https://securityvulnerability.io/vulnerability/CVE-2023-36433,Microsoft Dynamics 365 (On-Premises) Information Disclosure Vulnerability,Microsoft Dynamics 365 (On-Premises) Information Disclosure Vulnerability,Microsoft,"Microsoft Dynamics 365 (on-premises) Version 9.0,Microsoft Dynamics 365 (on-premises) Version 9.1",6.5,MEDIUM,0.0004900000058114529,false,,false,false,false,,,false,false,,2023-10-10T18:15:00.000Z,0
CVE-2023-38164,https://securityvulnerability.io/vulnerability/CVE-2023-38164,Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability,"This vulnerability allows an attacker to inject malicious scripts into web pages displayed to users of Microsoft Dynamics 365 (on-premises). An attacker exploiting this vulnerability can execute unauthorized actions on behalf of a user, potentially exposing sensitive user data or facilitating phishing attacks. It's critical for organizations using Dynamics 365 (on-premises) to apply the latest security updates and best practices to mitigate these risks.",Microsoft,"Microsoft Dynamics 365 (on-premises) Version 9.1,Microsoft Dynamics 365 (on-premises) Version 9.0",7.6,HIGH,0.0005200000014156103,false,,false,false,false,,,false,false,,2023-09-12T17:15:00.000Z,0
CVE-2023-36886,https://securityvulnerability.io/vulnerability/CVE-2023-36886,Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability,"A cross-site scripting vulnerability in Microsoft Dynamics 365 (on-premises) allows attackers to inject malicious scripts into web applications. This can lead to unauthorized actions being taken on behalf of users, revealing sensitive information or compromising user accounts. Organizations using the affected product should implement security measures to mitigate risks associated with this vulnerability.",Microsoft,"Microsoft Dynamics 365 (on-premises) Version 9.1,Microsoft Dynamics 365 (on-premises) Version 9.0",7.6,HIGH,0.0005200000014156103,false,,false,false,false,,,false,false,,2023-09-12T17:15:00.000Z,0
CVE-2023-35389,https://securityvulnerability.io/vulnerability/CVE-2023-35389,Microsoft Dynamics 365 On-Premises Remote Code Execution Vulnerability,Microsoft Dynamics 365 On-Premises Remote Code Execution Vulnerability,Microsoft,Microsoft Dynamics 365 (on-premises) Version 9.0,6.5,MEDIUM,0.0021100000012665987,false,,false,false,false,,,false,false,,2023-08-08T18:15:00.000Z,0
CVE-2023-35335,https://securityvulnerability.io/vulnerability/CVE-2023-35335,Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability,"A Cross-site Scripting (XSS) vulnerability exists in Microsoft Dynamics 365 (on-premises), which may allow attackers to inject malicious scripts into web pages viewed by users. This could potentially lead to unauthorized data access or manipulation. Organizations using this product are encouraged to implement security measures and apply updates to mitigate the risk associated with this vulnerability.",Microsoft,"Microsoft Dynamics 365 (on-premises) Version 9.0,Microsoft Dynamics 365 (on-premises) Version 9.1",8.2,HIGH,0.0006000000284984708,false,,false,false,false,,,false,false,,2023-07-11T18:15:00.000Z,0
CVE-2023-33171,https://securityvulnerability.io/vulnerability/CVE-2023-33171,Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability,"Microsoft Dynamics 365 (on-premises) is susceptible to a Cross-site Scripting vulnerability, which could allow attackers to inject malicious scripts into web pages viewed by users. This vulnerability could lead to unauthorized actions being taken on behalf of the victim or exposure of sensitive information. It is crucial for organizations to review their current implementations of Dynamics 365 and apply the latest security updates to mitigate potential risks associated with this vulnerability.",Microsoft,"Microsoft Dynamics 365 (on-premises) Version 9.0,Microsoft Dynamics 365 (on-premises) Version 9.1",8.2,HIGH,0.0008999999845400453,false,,false,false,false,,,false,false,,2023-07-11T18:15:00.000Z,0
CVE-2023-28314,https://securityvulnerability.io/vulnerability/CVE-2023-28314,Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability,Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability,Microsoft,"Microsoft Dynamics 365 (on-premises) Version 9.0,Microsoft Dynamics 365 (on-premises) Version 9.1",6.1,MEDIUM,0.0006000000284984708,false,,false,false,false,,,false,false,,2023-04-11T21:15:00.000Z,0