Headline
CVE-2023-36030: Microsoft Dynamics 365 Sales Spoofing Vulnerability
According to the CVSS metric, a successful exploitation could lead to a scope change (S:C). What does this mean for this vulnerability?
The vulnerability is in the web server, but the malicious scripts execute in the victim’s browser on their machine.