CVSS 3.1 Score 8.2 of 10 (high)


Published Feb 13, 2024
Updated: Feb 23, 2024


CVE-2024-21395 is a cross-site scripting vulnerability affecting Microsoft Dynamics 365 (on-premises) software. The vulnerability has a base severity rating of HIGH and a base score of 8.2 according to the CVSS:3.1 vector string. It requires user interaction and can be exploited over the network without any privileges required. The impact includes low integrity and high confidentiality, with an overall impact score of 4.7. The vulnerability poses a potential danger to organizations using the affected Microsoft Dynamics 365 software as it allows attackers to inject malicious scripts into web pages viewed by users, potentially leading to unauthorized access or data theft. To mitigate this vulnerability, organizations should apply any available patches or security updates provided by Microsoft.

Explore Beyond the CVE Basics with Recorded Future's Vulnerability Intelligence

Note: This is just a basic overview providing quick insights into CVE-2024-21395 information. Gain full access to comprehensive CVE data, risk scores, prioritization, and mitigation data through Recorded Future's Vulnerability Intelligence:
  • Prioritize with Risk-Based Scoring
  • Explore the Extensive Vulnerability Database
  • Receive Early Alerts on Emerging CVEs
  • Focus on Critical Exploitable Vulnerabilities
  • Streamline Remediation with Integration Options