Vulnerabilities > Microsoft > Dynamics 365 > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-09-11 | CVE-2020-16878 | Cross-site Scripting vulnerability in Microsoft Dynamics 365 8.2/9.0 <p>A cross site scripting vulnerability exists when Microsoft Dynamics 365 (on-premises) does not properly sanitize a specially crafted web request to an affected Dynamics server. | 5.4 |
| 2020-09-11 | CVE-2020-16871 | Cross-site Scripting vulnerability in Microsoft Dynamics 365 8.2/9.0 <p>A cross site scripting vulnerability exists when Microsoft Dynamics 365 (on-premises) does not properly sanitize a specially crafted web request to an affected Dynamics server. | 5.4 |
| 2020-09-11 | CVE-2020-16864 | Cross-site Scripting vulnerability in Microsoft Dynamics 365 9.0 <p>A cross site scripting vulnerability exists when Microsoft Dynamics 365 (on-premises) does not properly sanitize a specially crafted web request to an affected Dynamics server. | 5.4 |
| 2020-09-11 | CVE-2020-16861 | Cross-site Scripting vulnerability in Microsoft Dynamics 365 8.2/9.0 <p>A cross site scripting vulnerability exists when Microsoft Dynamics 365 (on-premises) does not properly sanitize a specially crafted web request to an affected Dynamics server. | 5.4 |
| 2020-09-11 | CVE-2020-16860 | Unspecified vulnerability in Microsoft Dynamics 365 9.0 <p>A remote code execution vulnerability exists in Microsoft Dynamics 365 (on-premises) when the server fails to properly sanitize web requests to an affected Dynamics server. | 6.8 |
| 2020-09-11 | CVE-2020-16859 | Cross-site Scripting vulnerability in Microsoft Dynamics 365 9.0 <p>A cross site scripting vulnerability exists when Microsoft Dynamics 365 (on-premises) does not properly sanitize a specially crafted web request to an affected Dynamics server. | 5.4 |
| 2020-09-11 | CVE-2020-16858 | Cross-site Scripting vulnerability in Microsoft Dynamics 365 9.0 <p>A cross site scripting vulnerability exists when Microsoft Dynamics 365 (on-premises) does not properly sanitize a specially crafted web request to an affected Dynamics server. | 5.4 |
| 2020-08-17 | CVE-2020-1591 | Cross-site Scripting vulnerability in Microsoft Dynamics 365 9.0 A cross site scripting vulnerability exists when Microsoft Dynamics 365 (on-premises) does not properly sanitize a specially crafted web request to an affected Dynamics server. | 5.4 |
| 2020-01-24 | CVE-2018-8654 | Improper Privilege Management vulnerability in Microsoft Dynamics 365 8.0 An elevation of privilege vulnerability exists in Microsoft Dynamics 365 Server, aka 'Microsoft Dynamics 365 Elevation of Privilege Vulnerability'. | 4.0 |
| 2019-05-16 | CVE-2019-1008 | Unspecified vulnerability in Microsoft Dynamics 365 and Dynamics CRM 2015 A security feature bypass vulnerability exists in Dynamics On Premise, aka 'Microsoft Dynamics On-Premise Security Feature Bypass'. network microsoft | 4.3 |