Vulnerability CVE-2024-38166


Published: 2024-08-06   Modified: 2024-08-07

Description:
An unauthenticated attacker can exploit improper neutralization of input during web page generation in Microsoft Dynamics 365 to spoof over a network by tricking a user to click on a link.

Type:

CWE-79

(Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting'))

 References:
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38166

Copyright 2026, cxsecurity.com

 

Back to Top