CVE-2021-40440: Microsoft Dynamics Business Central Cross-site Scripting Vulnerability
Overview
- Severity
- Medium (CVSS 5.4)
- CVSS Vector
- CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N/E:P/RL:O/RC:C
- Category
- Spoofing
- Exploit Status
- Not Exploited
- Exploitation Likelihood
- Less Likely
- Patch Tuesday
- 2021-Sep
- Released
- 2021-09-14
- EPSS Score
- 0.79% (percentile: 73.8%)
Affected Products (2)
Microsoft Dynamics
- Microsoft Dynamics 365 Business Central 2020 Release Wave 2 – Update 17.10
- Microsoft Dynamics 365 Business Central 2021 Release Wave 1 - Update 18.5
Security Updates (2)
Acknowledgments
<a href="https://twitter.com/rskvp93">rskvp93</a> with <a href="https://viettelcybersecurity.com">Viettel Cyber Security</a>
Revision History
- 2021-09-14: Information published.