(MS12-040) Vulnerability in Microsoft Dynamics AX Enterprise Portal Could Allow Elevation of Privilege (2709100)
Publish Date: 13 de czerwca de 2012
Severity: : High
CVE Kennungen: : CVE-2012-1857
Advisory Date: 13 de czerwca de 2012
DESCRIPTION
A cross-site scripting vulnerability in Microsoft Dynamics AX Enterprise Portal exists that may allow an attacker to gain an elevation of privilege on a vulnerable system. The attacker must lure a potential victim to click on a specially crafted URL that hosts an exploit to the said vulnerability.
SOLUTION
AFFECTED SOFTWARE AND VERSION:
- Microsoft Dynamics AX 2012