Microsoft · Dynamics Nav · CVE-2018-8651
**Name of the Vulnerable Software and Affected Versions**
Microsoft Dynamics NAV (affected versions not specified)
**Description**
A cross-site scripting issue exists due to inadequate protection of the web page structure. This can allow a remote attacker to perform cross-site scripting attacks with elevated privileges by sending a specially crafted request to the vulnerable Dynamics NAV server. The issue arises from Microsoft Dynamics NAV not properly sanitizing specially crafted web requests.
**Recommendations**
At the moment, there is no information about a newer version that contains a fix for this vulnerability.