CVSS: 8.0EPSS: 2%CPEs: 1EXPL: 0CVE-2020-1182 – Microsoft Dynamics 365 for Finance and Operations (on-premises) Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2020-1182
A remote code execution vulnerability exists in Microsoft Dynamics 365 for Finance and Operations (on-premises) version 10.0.11. An attacker who successfully exploited this vulnerability could gain remote code execution via server-side script execution on the victim server. An authenticated attacker with privileges to import and export data could exploit this vulnerability by sending a specially crafted file to a vulnerable Dynamics server. The security update addresses the vulnerability by correcting how Microsoft Dynamics 365 for Finance and Operations (on-premises) version 10.0.11 handles user input. Se presenta una vulnerabilidad de ejecución de código remota en Microsoft Dynamics 365 for Finance and Operations (en sitio) versión 10.0.11, también se conoce como "Microsoft Dynamics 365 for Finance and Operations (on-premises) Remote Code Execution Vulnerability". • https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1182 •
CVSS: 5.4EPSS: 0%CPEs: 2EXPL: 0CVE-2020-1063
https://notcve.org/view.php?id=CVE-2020-1063
A cross site scripting vulnerability exists when Microsoft Dynamics 365 (on-premises) does not properly sanitize a specially crafted web request to an affected Dynamics server, aka 'Microsoft Dynamics 365 (On-Premise) Cross Site Scripting Vulnerability'. Existe una vulnerabilidad de tipo cross-site-scripting cuando Microsoft Dynamics 365 (en sitio) no sanea apropiadamente una petición web especialmente diseñada para un servidor Dynamics afectado, también se conoce como "Microsoft Dynamics 365 (On-Premise) Cross Site Scripting Vulnerability". • https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1063 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 5.4EPSS: 0%CPEs: 1EXPL: 0CVE-2020-1049
https://notcve.org/view.php?id=CVE-2020-1049
A cross site scripting vulnerability exists when Microsoft Dynamics 365 (on-premises) does not properly sanitize a specially crafted web request to an affected Dynamics server, aka 'Microsoft Dynamics 365 (On-Premise) Cross Site Scripting Vulnerability'. This CVE ID is unique from CVE-2020-1050. Hay una vulnerabilidad de tipo cross site scripting cuando Microsoft Dynamics 365 (on-premises) no sanea adecuadamente una petición web especialmente diseñada para un servidor Dynamics afectado, también se conoce como "Microsoft Dynamics 365 (On-Premise) Cross Site Scripting Vulnerability". Este ID de CVE es diferente de CVE-2020-1050. • https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1049 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 0CVE-2020-1050
https://notcve.org/view.php?id=CVE-2020-1050
A cross site scripting vulnerability exists when Microsoft Dynamics 365 (on-premises) does not properly sanitize a specially crafted web request to an affected Dynamics server, aka 'Microsoft Dynamics 365 (On-Premise) Cross Site Scripting Vulnerability'. This CVE ID is unique from CVE-2020-1049. Hay una vulnerabilidad de tipo cross site scripting cuando Microsoft Dynamics 365 (on-premises) no sanea apropiadamente una petición web especialmente diseñada para un servidor Dynamics afectado, también se conoce como "Microsoft Dynamics 365 (On-Premise) Cross Site Scripting Vulnerability". Este ID de CVE es diferente de CVE-2020-1049. • https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1050 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 8.0EPSS: 2%CPEs: 8EXPL: 0CVE-2020-1022
https://notcve.org/view.php?id=CVE-2020-1022
A remote code execution vulnerability exists in Microsoft Dynamics Business Central, aka 'Dynamics Business Central Remote Code Execution Vulnerability'. Hay una vulnerabilidad de ejecución de código remota en Microsoft Dynamics Business Central, también se conoce como "Dynamics Business Central Remote Code Execution Vulnerability". • https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1022 •