Microsoft Dynamics 365 Version 9.0 vulnerabilities

CVE-2023-21807 [MEDIUM] CWE-79 CVE-2023-21807: Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability

CVE-2023-21572 [MEDIUM] CWE-79 CVE-2023-21572: Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability

CVE-2023-21570 [MEDIUM] CWE-79 CVE-2023-21570: Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability

CVE-2023-21571 [MEDIUM] CWE-79 CVE-2023-21571: Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability

CVE-2023-21573 [MEDIUM] CWE-79 CVE-2023-21573: Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability

CVE-2022-23259 [HIGH] CVE-2022-23259: Microsoft Dynamics 365 On-Premises Remote Code Execution Vulnerability Microsoft Dynamics 365 On-Premises Remote Code Execution Vulnerability

CVE-2022-21957 [HIGH] CVE-2022-21957: Microsoft Dynamics 365 On-Premises Remote Code Execution Vulnerability Microsoft Dynamics 365 On-Premises Remote Code Execution Vulnerability

CVE-2021-42316 [HIGH] CVE-2021-42316: Microsoft Dynamics 365 On-Premises Remote Code Execution Vulnerability Microsoft Dynamics 365 On-Premises Remote Code Execution Vulnerability

CVE-2021-41354 [MEDIUM] CWE-79 CVE-2021-41354: Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability

CVE-2021-41353 [LOW] CVE-2021-41353: Microsoft Dynamics 365 (on-premises) Spoofing Vulnerability Microsoft Dynamics 365 (on-premises) Spoofing Vulnerability

CVE-2021-34524 [HIGH] CVE-2021-34524: Microsoft Dynamics 365 On-Premises Remote Code Execution Vulnerability Microsoft Dynamics 365 On-Premises Remote Code Execution Vulnerability

CVE-2021-36950 [MEDIUM] CWE-79 CVE-2021-36950: Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability

CVE-2021-24101 [MEDIUM] CVE-2021-24101: Microsoft Dataverse Information Disclosure Vulnerability Microsoft Dataverse Information Disclosure Vulnerability

CVE-2020-17147 [MEDIUM] CWE-79 CVE-2020-17147: Dynamics CRM Webclient Cross-site Scripting Vulnerability Dynamics CRM Webclient Cross-site Scripting Vulnerability

CVE-2020-17005 [MEDIUM] CWE-79 CVE-2020-17005: Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability

CVE-2020-17018 [MEDIUM] CWE-79 CVE-2020-17018: Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability

CVE-2020-17021 [MEDIUM] CWE-79 CVE-2020-17021: Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability

CVE-2020-16978 [MEDIUM] CWE-79 CVE-2020-16978: <p>A cross site scripting vulnerability exists when Microsoft Dynamics 365 (on-premises) does not pr A cross site scripting vulnerability exists when Microsoft Dynamics 365 (on-premises) does not properly sanitize a specially crafted web request to an affected Dynamics server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected Dynamics server. The attacker who successfully exploited the vu

CVE-2020-16956 [MEDIUM] CWE-79 CVE-2020-16956: <p>A cross site scripting vulnerability exists when Microsoft Dynamics 365 (on-premises) does not pr A cross site scripting vulnerability exists when Microsoft Dynamics 365 (on-premises) does not properly sanitize a specially crafted web request to an affected Dynamics server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected Dynamics server. The attacker who successfully exploited the vu

CVE-2020-16862 [HIGH] CVE-2020-16862: <p>A remote code execution vulnerability exists in Microsoft Dynamics 365 (on-premises) when the ser A remote code execution vulnerability exists in Microsoft Dynamics 365 (on-premises) when the server fails to properly sanitize web requests to an affected Dynamics server. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the SQL service account. An authenticated attacker could exploit this vulnerability by s