Headline
CVE-2024-21394: Dynamics 365 Field Service Spoofing Vulnerability
According to the CVSS metric, a successful exploitation could lead to a scope change (S:C). What does this mean for this vulnerability?
The vulnerability is in the web server, but the malicious scripts execute in the victim’s browser on their machine.