XSS attack in Links and Notes feature in Microsoft Dynamics NAV (KB4602915)

Support

Hello,

Select a different account.

You have multiple accounts

Choose the account you want to sign in with.

Dynamics 365 Business Central on-premises 2020 release wave 2, version 17 Dynamics 365 Business Central on-premises 2020 release wave 1, version 16 Dynamics 365 Business Central on-premises 2019 release wave 2, version 15 Dynamics NAV 2018 Dynamics NAV 2017 Dynamics NAV 2016 Dynamics NAV 2015 More...Less

Symptoms

If you are authenticated, and you enter URLs by using special schemes (JavaScript or data) in the Links and Notes feature in Microsoft Dynamics NAV, you might make yourself vulnerable to a Cross-Site Scripting (XSS) attack. For more information, see the following Common Vulnerabilities and Exposures (CVE):