Vulnerability Details CVE-2025-62211
Improper neutralization of input during web page generation ('cross-site scripting') in Dynamics 365 Field Service (online) allows an authorized attacker to perform spoofing over a network.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.0
EPSS Ranking 14.7%
CVSS Severity
CVSS v3 Score 8.7
Products affected by CVE-2025-62211
-
cpe:2.3:a:microsoft:dynamics_365:7.0
-
cpe:2.3:a:microsoft:dynamics_365:8.8.134.351
-
cpe:2.3:a:microsoft:dynamics_365:8.8.134.552
-
cpe:2.3:a:microsoft:dynamics_365:8.8.134.558
-
cpe:2.3:a:microsoft:dynamics_365:8.8.135.227
-
cpe:2.3:a:microsoft:dynamics_365:8.8.135.315
-
cpe:2.3:a:microsoft:dynamics_365:8.8.135.323
-
cpe:2.3:a:microsoft:dynamics_365:8.8.136.190
-
cpe:2.3:a:microsoft:dynamics_365:8.8.137.20
-
cpe:2.3:a:microsoft:dynamics_365:8.8.137.22
-
cpe:2.3:a:microsoft:dynamics_365:8.8.137.30