Vulnerability Description
A cross site scripting vulnerability exists when Microsoft Dynamics 365 (on-premises) version 8 does not properly sanitize a specially crafted web request to an affected Dynamics server, aka "Microsoft Dynamics 365 (on-premises) version 8 Cross Site Scripting Vulnerability." This affects Microsoft Dynamics 365. This CVE ID is unique from CVE-2018-8605, CVE-2018-8606, CVE-2018-8607.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Microsoft | Dynamics 365 | >= 8.0, < 8.2.3.0003 |
Related Weaknesses (CWE)
References
- http://www.securityfocus.com/bid/105892Third Party AdvisoryVDB Entry
- https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8608PatchVendor Advisory
- http://www.securityfocus.com/bid/105892Third Party AdvisoryVDB Entry
- https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8608PatchVendor Advisory
FAQ
What is CVE-2018-8608?
CVE-2018-8608 is a vulnerability with a CVSS score of 5.4 (MEDIUM). A cross site scripting vulnerability exists when Microsoft Dynamics 365 (on-premises) version 8 does not properly sanitize a specially crafted web request to an affected Dynamics server, aka "Microsof...
How severe is CVE-2018-8608?
CVE-2018-8608 has been rated MEDIUM with a CVSS base score of 5.4/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2018-8608?
Check the references section above for vendor advisories and patch information. Affected products include: Microsoft Dynamics 365.