(MS12-040) Vulnerability in Microsoft Dynamics AX Enterprise Portal Could Allow Elevation of Privilege (2709100)
Severity: HIGH
CVE Identifier: CVE-2012-1857
Advisory Date: JUN 13, 2012
DESCRIPTION
A cross-site scripting vulnerability in Microsoft Dynamics AX Enterprise Portal exists that may allow an attacker to gain an elevation of privilege on a vulnerable system. The attacker must lure a potential victim to click on a specially crafted URL that hosts an exploit to the said vulnerability.
SOLUTION
AFFECTED SOFTWARE AND VERSION
- Microsoft Dynamics AX 2012