CVE-2012-1857

Currently unrated

Key Information:

Vendor: Microsoft
Status: Dynamics Ax
Vendor: CVE Published:; 12 June 2012

Summary

Cross-site scripting (XSS) vulnerability in the Enterprise Portal component in Microsoft Dynamics AX 2012 allows remote attackers to inject arbitrary web script or HTML via a crafted URL, aka "Dynamics AX Enterprise Portal XSS Vulnerability."

References

http://www.us-cert.gov/cas/techalerts/TA12-164A.html

third-party-advisoryx_refsource_CERT

https://docs.microsoft.com/en-us/security-updates/securit...

vendor-advisoryx_refsource_MS

EPSS Score

31% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
Jun 12, 2012
Vulnerability Reserved
Mar 22, 2012

Collectors

NVD DatabaseMitre Database