CVE-2020-1049

Name of the Vulnerable Software and Affected Versions Microsoft Dynamics 365 (on-premises) (affected versions not specified)

Description The issue is related to insufficient protection of the web page structure in Microsoft Dynamics 365, which can lead to cross-site scripting attacks. An attacker can exploit this by sending a specially crafted web request to the affected Dynamics server, potentially allowing them to perform actions such as stealing user data.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.