PT-2024-8866 · Microsoft · Dynamics 365 Sales
Published
2024-11-26
·
Updated
2025-01-08
·
CVE-2024-49053
CVSS v3.1
7.6
High
| Vector | AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:L/A:N |
Name of the Vulnerable Software and Affected Versions:
Microsoft Dynamics 365 Sales versions prior to 3.24104.15
Description:
The issue concerns a spoofing vulnerability in Microsoft Dynamics 365 Sales. This vulnerability may allow a remote attacker to perform a spoofing attack by not taking measures to protect the web page structure.
Recommendations:
Update Dynamics 365 Sales apps for Android and iOS to version 3.24104.15 to secure against the issue. As a temporary workaround, consider restricting access to potentially vulnerable web pages until the update is applied.
Fix
XSS
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Dynamics 365 Sales