CVE-2018-8651

Name of the Vulnerable Software and Affected Versions Microsoft Dynamics NAV (affected versions not specified)

Description A cross-site scripting issue exists due to inadequate protection of the web page structure. This can allow a remote attacker to perform cross-site scripting attacks with elevated privileges by sending a specially crafted request to the vulnerable Dynamics NAV server. The issue arises from Microsoft Dynamics NAV not properly sanitizing specially crafted web requests.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.