Microsoft Dynamics AX Enterprise Portal XSS Vulnerability

Last Update Date: 13 Jun 2012 15:25 Release Date: 13 Jun 2012 4345 Views

RISK: Medium Risk

Medium Risk

TYPE: Servers - Internet App Servers

TYPE: Internet App Servers

A cross-site scripting vulnerability exists in Microsoft Dynamics AX Enterprise Portal that could result in information disclosure or elevation of privilege if a user clicks a specially crafted URL that contains malicious JavaScript elements. Because of the vulnerability, when the malicious JavaScript is echoed back to the user's browser, the resulting page could allow an attacker to issue Microsoft Dynamics AX Enterprise Portal commands in the context of the authenticated user on the targeted Microsoft Dynamics AX Enterprise Portal site.

Impact

  • Elevation of Privilege

System / Technologies affected

  • Microsoft Dynamics AX 2012

Solutions

Before installation of the software, please visit the software manufacturer web-site for more details.

 

Vulnerability Identifier

Source

 

Related Link

Share with

Previous

Microsoft Lync Multiple Vulnerabilities

13 Jun 2012 4077 Views

Next

Microsoft Windows Kernel-Mode Drivers Multiple Vulnerabilities

13 Jun 2012 4163 Views

We use cookies to give you the best possible experience on our website. By continuing to browse this site, you give consent for cookies to be used. For more details please read our Cookie Policy.

PRIVACY POLICY