CVE-2025-62210

Name of the Vulnerable Software and Affected Versions Microsoft Dynamics 365 Field Service (online) (affected versions not specified)

Description The issue is a cross-site scripting (XSS) flaw due to improper neutralization of input during web page generation. This allows an authorized attacker to execute arbitrary script code within the web application, potentially leading to spoofing and the theft of user credentials or actions performed on behalf of authenticated users.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.