Vulnerabilities > Microsoft > Dynamics AX > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2014-01-15 | CVE-2014-0261 | Improper Input Validation vulnerability in Microsoft Dynamics AX 2009/2012/4.0 Microsoft Dynamics AX 4.0 SP2, 2009 SP1, 2012, and 2012 R2 allows remote authenticated users to cause a denial of service (instance outage) via crafted data to an Application Object Server (AOS) instance, aka "Query Filter DoS Vulnerability." | 4.0 |
| 2012-06-12 | CVE-2012-1857 | Cross-Site Scripting vulnerability in Microsoft Dynamics AX 2012 Cross-site scripting (XSS) vulnerability in the Enterprise Portal component in Microsoft Dynamics AX 2012 allows remote attackers to inject arbitrary web script or HTML via a crafted URL, aka "Dynamics AX Enterprise Portal XSS Vulnerability." | 4.3 |