Vulnerability Details CVE-2019-1375
A cross site scripting vulnerability exists when Microsoft Dynamics 365 (on-premises) does not properly sanitize a specially crafted web request to an affected Dynamics server, aka 'Microsoft Dynamics 365 (On-Premise) Cross Site Scripting Vulnerability'.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.01
EPSS Ranking 75.6%
CVSS Severity
CVSS v3 Score 5.4
CVSS v2 Score 3.5
References
Products affected by CVE-2019-1375
-
cpe:2.3:a:microsoft:dynamics_365:9.0
-
cpe:2.3:a:microsoft:dynamics_365:9.0.3.7
-
cpe:2.3:a:microsoft:dynamics_365:9.0.4.0005
-
cpe:2.3:a:microsoft:dynamics_365:9.0.5.5
-
cpe:2.3:a:microsoft:dynamics_365:9.0.6.9
-
cpe:2.3:a:microsoft:dynamics_365:9.0.7.7
-
cpe:2.3:a:microsoft:dynamics_365:9.0.8.0005