Dynamics 365 Microsoft Dynamics 365

Don't miss out!

Thousands of developers use stack.watch to stay informed.
Get an email whenever new security vulnerabilities are reported in Microsoft Dynamics 365.

Recent Microsoft Dynamics 365 Security Advisories

Advisory Title Published
CVE-2025-21177 CVE-2025-21177 Microsoft Dynamics 365 Sales Elevation of Privilege Vulnerability February 6, 2025
CVE-2024-49053 CVE-2024-49053 Microsoft Dynamics 365 Sales Spoofing Vulnerability November 27, 2024
CVE-2024-43460 CVE-2024-43460 Dynamics 365 Business Central Elevation of Privilege Vulnerability September 17, 2024
CVE-2024-43476 CVE-2024-43476 Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability September 10, 2024
CVE-2024-38225 CVE-2024-38225 Microsoft Dynamics 365 Business Central Elevation of Privilege Vulnerability September 10, 2024
CVE-2024-38211 CVE-2024-38211 Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability August 13, 2024
CVE-2024-38166 CVE-2024-38166 Microsoft Dynamics 365 Cross-site Scripting Vulnerability August 6, 2024
CVE-2024-38182 CVE-2024-38182 Microsoft Dynamics 365 Elevation of Privilege Vulnerability July 31, 2024
CVE-2024-30061 CVE-2024-30061 Microsoft Dynamics 365 (On-Premises) Information Disclosure Vulnerability July 9, 2024
CVE-2024-30048 CVE-2024-30048 Dynamics 365 Customer Insights Spoofing Vulnerability July 9, 2024

By the Year

In 2025 there have been 0 vulnerabilities in Microsoft Dynamics 365. Last year, in 2024 Dynamics 365 had 13 security vulnerabilities published. Right now, Dynamics 365 is on track to have less security vulnerabilities in 2025 than it did last year.




Year Vulnerabilities Average Score
2025 0 0.00
2024 13 7.35
2023 30 5.90
2022 5 7.80
2021 8 6.64
2020 22 6.20
2019 3 6.70
2018 5 6.08

It may take a day or so for new Dynamics 365 vulnerabilities to show up in the stats or in the list of recent security vulnerabilties. Additionally vulnerabilities may be tagged under a different product or component name.

Recent Microsoft Dynamics 365 Security Vulnerabilities

Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability

CVE-2024-43476 5.4 - Medium - September 10, 2024

Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability

XSS

Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability

CVE-2024-38211 8.2 - High - August 13, 2024

Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability

XSS

Weak authentication in Microsoft Dynamics 365

CVE-2024-38182 9.8 - Critical - July 31, 2024

Weak authentication in Microsoft Dynamics 365 allows an unauthenticated attacker to elevate privileges over a network.

Microsoft Dynamics 365 (On-Premises) Information Disclosure Vulnerability

CVE-2024-30061 7.3 - High - July 09, 2024

Microsoft Dynamics 365 (On-Premises) Information Disclosure Vulnerability

Microsoft Dynamics 365 (On-Premises) Information Disclosure Vulnerability

CVE-2024-35263 5.7 - Medium - June 11, 2024

Microsoft Dynamics 365 (On-Premises) Information Disclosure Vulnerability

Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability

CVE-2024-21419 5.4 - Medium - March 12, 2024

Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability

XSS

Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability

CVE-2024-21393 7.6 - High - February 13, 2024

Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability

XSS

Dynamics 365 Sales Spoofing Vulnerability

CVE-2024-21328 7.6 - High - February 13, 2024

Dynamics 365 Sales Spoofing Vulnerability

Microsoft Dynamics 365 Customer Engagement Cross-Site Scripting Vulnerability

CVE-2024-21327 7.6 - High - February 13, 2024

Microsoft Dynamics 365 Customer Engagement Cross-Site Scripting Vulnerability

Dynamics 365 Sales Spoofing Vulnerability

CVE-2024-21396 7.6 - High - February 13, 2024

Dynamics 365 Sales Spoofing Vulnerability

Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability

CVE-2024-21395 8.2 - High - February 13, 2024

Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability

XSS

Dynamics 365 Field Service Spoofing Vulnerability

CVE-2024-21394 7.6 - High - February 13, 2024

Dynamics 365 Field Service Spoofing Vulnerability

Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability

CVE-2024-21389 7.6 - High - February 13, 2024

Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability

XSS

Microsoft Dynamics 365 Finance and Operations Denial of Service Vulnerability

CVE-2023-35621 7.5 - High - December 12, 2023

Microsoft Dynamics 365 Finance and Operations Denial of Service Vulnerability

Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability

CVE-2023-36020 5.4 - Medium - December 12, 2023

Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability

XSS

Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability

CVE-2023-36031 5.4 - Medium - November 14, 2023

Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability

XSS

Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability

CVE-2023-36410 5.4 - Medium - November 14, 2023

Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability

XSS

Microsoft Dynamics 365 Sales Spoofing Vulnerability

CVE-2023-36030 6.1 - Medium - November 14, 2023

Microsoft Dynamics 365 Sales Spoofing Vulnerability

Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability

CVE-2023-36016 3.4 - Low - November 14, 2023

Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability

XSS

Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability

CVE-2023-36416 6.1 - Medium - October 10, 2023

Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability

XSS

Microsoft Dynamics 365 (On-Premises) Information Disclosure Vulnerability

CVE-2023-36429 6.5 - Medium - October 10, 2023

Microsoft Dynamics 365 (On-Premises) Information Disclosure Vulnerability

Exposure of Resource to Wrong Sphere

Microsoft Dynamics 365 (On-Premises) Information Disclosure Vulnerability

CVE-2023-36433 6.5 - Medium - October 10, 2023

Microsoft Dynamics 365 (On-Premises) Information Disclosure Vulnerability

Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability

CVE-2023-38164 5.4 - Medium - September 12, 2023

Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability

XSS

Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability

CVE-2023-36886 5.4 - Medium - September 12, 2023

Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability

XSS

Dynamics Finance and Operations Cross-site Scripting Vulnerability

CVE-2023-36800 5.4 - Medium - September 12, 2023

Dynamics Finance and Operations Cross-site Scripting Vulnerability

XSS

Microsoft Dynamics 365 On-Premises Remote Code Execution Vulnerability

CVE-2023-35389 6.5 - Medium - August 08, 2023

Microsoft Dynamics 365 On-Premises Remote Code Execution Vulnerability

Dynamics 365 Finance Spoofing Vulnerability

CVE-2023-24896 5.4 - Medium - July 14, 2023

Dynamics 365 Finance Spoofing Vulnerability

Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability

CVE-2023-33171 6.1 - Medium - July 11, 2023

Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability

XSS

Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability

CVE-2023-35335 8.2 - High - July 11, 2023

Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability

XSS

Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability

CVE-2023-28309 5.4 - Medium - April 11, 2023

Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability

XSS

Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability

CVE-2023-28314 6.1 - Medium - April 11, 2023

Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability

XSS

Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability

CVE-2023-24921 5.4 - Medium - March 14, 2023

Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability

XSS

Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability

CVE-2023-24919 5.4 - Medium - March 14, 2023

Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability

XSS

Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability

CVE-2023-24891 5.4 - Medium - March 14, 2023

Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability

XSS

Microsoft Dynamics 365 (On-Premises) Information Disclosure Vulnerability

CVE-2023-24922 6.5 - Medium - March 14, 2023

Microsoft Dynamics 365 (On-Premises) Information Disclosure Vulnerability

Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability

CVE-2023-24879 5.4 - Medium - March 14, 2023

Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability

XSS

Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability

CVE-2023-24920 5.4 - Medium - March 14, 2023

Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability

XSS

Microsoft Dynamics Unified Service Desk Remote Code Execution Vulnerability

CVE-2023-21778 8 - High - February 14, 2023

Microsoft Dynamics Unified Service Desk Remote Code Execution Vulnerability

Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability

CVE-2023-21571 5.4 - Medium - February 14, 2023

Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability

XSS

Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability

CVE-2023-21572 6.5 - Medium - February 14, 2023

Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability

XSS

Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability

CVE-2023-21573 5.4 - Medium - February 14, 2023

Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability

XSS

Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability

CVE-2023-21570 5.4 - Medium - February 14, 2023

Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability

XSS

Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability

CVE-2023-21807 6.5 - Medium - February 14, 2023

Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability

XSS

Microsoft Dynamics CRM (on-premises) Remote Code Execution Vulnerability

CVE-2022-35805 8.8 - High - September 13, 2022

Microsoft Dynamics CRM (on-premises) Remote Code Execution Vulnerability

Microsoft Dynamics CRM (on-premises) Remote Code Execution Vulnerability

CVE-2022-34700 8.8 - High - September 13, 2022

Microsoft Dynamics CRM (on-premises) Remote Code Execution Vulnerability

SQL Injection

Microsoft Dynamics 365 On-Premises Remote Code Execution Vulnerability

CVE-2022-23259 8.8 - High - April 15, 2022

Microsoft Dynamics 365 On-Premises Remote Code Execution Vulnerability

Microsoft Dynamics 365 On-Premises Remote Code Execution Vulnerability

CVE-2022-21957 7.2 - High - February 09, 2022

Microsoft Dynamics 365 On-Premises Remote Code Execution Vulnerability

Microsoft Dynamics 365 Customer Engagement Cross-Site Scripting Vulnerability

CVE-2022-21932 5.4 - Medium - January 11, 2022

Microsoft Dynamics 365 Customer Engagement Cross-Site Scripting Vulnerability

XSS

Microsoft Dynamics 365 On-Premises Remote Code Execution Vulnerability

CVE-2021-42316 8.8 - High - November 10, 2021

Microsoft Dynamics 365 On-Premises Remote Code Execution Vulnerability

Microsoft Dynamics 365 (on-premises) Spoofing Vulnerability

CVE-2021-41353 5.4 - Medium - October 13, 2021

Microsoft Dynamics 365 (on-premises) Spoofing Vulnerability

Stay on top of Security Vulnerabilities

Want an email whenever new vulnerabilities are published for Microsoft Dynamics 365 or by Microsoft? Click the Watch button to subscribe.

Microsoft
Vendor

subscribe