Microsoft Dynamics 365 Version 9.1 vulnerabilities

45 known vulnerabilities affecting microsoft/microsoft_dynamics_365_version_9.1.

Total CVEs

CISA KEV

Public exploits

Exploited in wild

Severity breakdown

HIGH13MEDIUM30LOW2

Vulnerabilities

Page 1 of 3

CVE-2025-62206MEDIUMCVSS 6.5≥ 9.0, < 9.1.41.072025-11-11

CVE-2025-62206 [MEDIUM] CWE-200 CVE-2025-62206: Exposure of sensitive information to an unauthorized actor in Microsoft Dynamics 365 (on-premises) a Exposure of sensitive information to an unauthorized actor in Microsoft Dynamics 365 (on-premises) allows an unauthorized attacker to disclose information over a network.

cvelistv5nvd

CVE-2025-53728MEDIUMCVSS 6.5≥ 9.0, < 9.1.392025-08-12

CVE-2025-53728 [MEDIUM] CWE-200 CVE-2025-53728: Exposure of sensitive information to an unauthorized actor in Microsoft Dynamics 365 (on-premises) a Exposure of sensitive information to an unauthorized actor in Microsoft Dynamics 365 (on-premises) allows an unauthorized attacker to disclose information over a network.

cvelistv5nvd

CVE-2025-49745MEDIUMCVSS 5.4≥ 9.0, < 9.1.38.102025-08-12

CVE-2025-49745 [MEDIUM] CWE-79 CVE-2025-49745: Improper neutralization of input during web page generation ('cross-site scripting') in Microsoft Dy Improper neutralization of input during web page generation ('cross-site scripting') in Microsoft Dynamics 365 (on-premises) allows an unauthorized attacker to perform spoofing over a network.

cvelistv5nvd

CVE-2024-43476MEDIUMCVSS 5.4≥ 9.0, < 9.1.322024-09-10

CVE-2024-43476 [MEDIUM] CWE-79 CVE-2024-43476: Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability

cvelistv5nvd

CVE-2024-38211HIGHCVSS 8.2≥ 9.0, < 1.312024-08-13

CVE-2024-38211 [HIGH] CWE-601 CVE-2024-38211: Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability

cvelistv5nvd

CVE-2024-30061HIGHCVSS 7.3≥ 9.0, < 9.1.28.092024-07-09

CVE-2024-30061 [HIGH] CWE-285 CVE-2024-30061: Microsoft Dynamics 365 (On-Premises) Information Disclosure Vulnerability Microsoft Dynamics 365 (On-Premises) Information Disclosure Vulnerability

cvelistv5nvd

CVE-2024-35263MEDIUMCVSS 5.7≥ 9.0, < 1.292024-06-11

CVE-2024-35263 [MEDIUM] CWE-200 CVE-2024-35263: Microsoft Dynamics 365 (On-Premises) Information Disclosure Vulnerability Microsoft Dynamics 365 (On-Premises) Information Disclosure Vulnerability

cvelistv5nvd

CVE-2024-21419MEDIUMCVSS 5.4≥ 9.0, < 9.1.262024-03-12

CVE-2024-21419 [MEDIUM] CWE-79 CVE-2024-21419: Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability

cvelistv5nvd

CVE-2024-21393HIGHCVSS 7.6≥ 9.0, < 9.1.25.172024-02-13

CVE-2024-21393 [HIGH] CWE-79 CVE-2024-21393: Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability

cvelistv5nvd

CVE-2024-21396HIGHCVSS 7.6≥ 9.0, < 9.1.25.172024-02-13

CVE-2024-21396 [HIGH] CWE-79 Dynamics 365 Sales Spoofing Vulnerability Dynamics 365 Sales Spoofing Vulnerability Dynamics 365 Sales Spoofing Vulnerability

cvelistv5

CVE-2024-21395HIGHCVSS 8.2≥ 9.0, < 9.1.25.172024-02-13

CVE-2024-21395 [HIGH] CWE-79 CVE-2024-21395: Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability

cvelistv5nvd

CVE-2024-21394HIGHCVSS 7.6≥ 9.0, < 9.1.25.172024-02-13

CVE-2024-21394 [HIGH] CWE-79 Dynamics 365 Field Service Spoofing Vulnerability Dynamics 365 Field Service Spoofing Vulnerability Dynamics 365 Field Service Spoofing Vulnerability

cvelistv5

CVE-2024-21389HIGHCVSS 7.6≥ 9.0, < 9.1.25.172024-02-13

CVE-2024-21389 [HIGH] CWE-79 CVE-2024-21389: Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability

cvelistv5nvd

CVE-2024-21328HIGHCVSS 7.6≥ 9.0, < 9.1.25.172024-02-13

CVE-2024-21328 [HIGH] CWE-79 Dynamics 365 Sales Spoofing Vulnerability Dynamics 365 Sales Spoofing Vulnerability Dynamics 365 Sales Spoofing Vulnerability

cvelistv5

CVE-2023-36020MEDIUMCVSS 5.4≥ 9.0, < 9.1.23.102023-12-12

CVE-2023-36020 [MEDIUM] CWE-79 CVE-2023-36020: Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability

cvelistv5nvd

CVE-2023-36410MEDIUMCVSS 5.4≥ 9.0, < 9.1.23.102023-11-14

CVE-2023-36410 [MEDIUM] CWE-79 CVE-2023-36410: Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability

cvelistv5nvd

CVE-2023-36030MEDIUMCVSS 6.1≥ 9.0, < 9.1.23.102023-11-14

CVE-2023-36030 [MEDIUM] CWE-79 CVE-2023-36030: Microsoft Dynamics 365 Sales Spoofing Vulnerability Microsoft Dynamics 365 Sales Spoofing Vulnerability

cvelistv5nvd

CVE-2023-36031MEDIUMCVSS 5.4≥ 9.0, < 9.1.23.102023-11-14

CVE-2023-36031 [MEDIUM] CWE-79 CVE-2023-36031: Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability

cvelistv5nvd

CVE-2023-36016LOWCVSS 3.4≥ 9.0, < 9.1.23.102023-11-14

CVE-2023-36016 [LOW] CWE-79 CVE-2023-36016: Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability

cvelistv5nvd

CVE-2023-36429MEDIUMCVSS 6.5≥ 9.0, < 9.1.22.042023-10-10

CVE-2023-36429 [MEDIUM] CWE-643 CVE-2023-36429: Microsoft Dynamics 365 (On-Premises) Information Disclosure Vulnerability Microsoft Dynamics 365 (On-Premises) Information Disclosure Vulnerability

cvelistv5nvd

1 / 3Next →