What the vulnerability does
01Description
Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability
CVE-2023-28309
HIGH
CVE-2023-28309: Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability
CVSS base score
7.6/10
CVSS vector
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:L/A:N/E:U/RL:O/RC:C
Key dates
02Disclosure timeline
April 11, 2023
CVE published
February 28, 2025
Record updated
External resources
03References
Related vulnerabilities
04Related CVE
CVE-2025-30223 Beego allows Reflected/Stored XSS in Beego's RenderForm() Function Due to Unescaped User Input
CVE-2024-7008 Calibre Reflected Cross-Site Scripting (XSS)
CVE-2024-49663 WordPress uCAT – Next Story plugin <= 2.0.0 - Reflected Cross Site Scripting (XSS) vulnerability
CVE-2026-2156 code-projects Online Student Management System Announcement Management index.php cross site scripting
CVE-2023-33846 IBM CICS TX cross-site scripting
