CVE-2018-8606

Name of the Vulnerable Software and Affected Versions Microsoft Dynamics 365 (affected versions not specified)

Description The issue is related to insufficient protection of the web page structure in Microsoft Dynamics 365, allowing a remote attacker to inject arbitrary code into a user-loaded web page. This could lead to unauthorized access to protected information, phishing attacks, and modification of the web page's appearance using specially crafted HTTP requests.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.