CVE-2023-36020 — Vulnetix

CVE-2023-36020 PUBLISHED CVSS 7.599999904632568 HIGH

Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability

EPSS 0.10% · 28.2th percentile

Risk Scores

CVSS v3.1

7.599999904632568

CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:L/A:N/E:U/RL:O/RC:C

EPSS Score

0.10%

28.2th percentile

Affected Products

Vendor	Product	Versions
microsoft	dynamics_365	9.0, 9.0.0, 9.0
Microsoft	Microsoft Dynamics 365 (on-premises) version 9.1	9.0
Microsoft	Microsoft Dynamics 365 (on-premises) version 9.0	9.0.0

Timeline

Dec 12, 2023 CVE Published
Dec 13, 2023 EPSS Score
Jan 11, 2024 EPSS Score
Feb 8, 2024 EPSS Score
Mar 8, 2024 EPSS Score
Apr 6, 2024 EPSS Score
May 4, 2024 EPSS Score
Jun 2, 2024 EPSS Score
Jul 1, 2024 EPSS Score
Jul 30, 2024 EPSS Score
Aug 27, 2024 EPSS Score
Sep 25, 2024 EPSS Score

References

https://msrc.microsoft.com/update-guide/ advisory
Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability vendor-advisory
https://nvd.nist.gov/vuln/detail/CVE-2023-36020 advisory

Open in Interactive Console →

$ Console Community · 100/wk Open console ›