(MS12-040) Vulnerability in Microsoft Dynamics AX Enterprise Portal Could Allow Elevation of Privilege (2709100)
Publish Date: 13 juin 2012
Gravité: : Élevé
Identifiant(s) CVE: : CVE-2012-1857
Date du conseil: 13 juin 2012
Description
A cross-site scripting vulnerability in Microsoft Dynamics AX Enterprise Portal exists that may allow an attacker to gain an elevation of privilege on a vulnerable system. The attacker must lure a potential victim to click on a specially crafted URL that hosts an exploit to the said vulnerability.
Solutions
Affected software and version:
- Microsoft Dynamics AX 2012