Headline
CVE-2023-36410: Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability
According to the CVSS metric, user interaction is required (UI:R). What interaction would the user have to do?
The user would have to click on a specially crafted URL to be compromised by the attacker.