SEC Consult SA-20170630-0 :: Multiple critical vulnerabilities in OSCI-Transport library 1.2 for German e-Government

2017-06-30 Thread SEC Consult Vulnerability Lab
descriptions: http://blog.sec-consult.com/2017/06/german-e-government-details-vulnerabilities.html SEC Consult Vulnerability Lab Security Advisory < 20170630-0 > === title: Multiple critical vulnerabi

Microsoft Dynamic CRM 2016 - Cross-Site Scripting vulnerability

2017-06-30 Thread gregory draperi
Hello Everyone, Product: MS Dynamic CRM 2016 Vendor: Microsoft Vulnerability type: Cross Site Scripting Vulnerable version: MS Dynamic CRM 2016 SP1 and previous Vulnerable component: SyncFilterPage.aspx Report confidence: Confirmed Solution status: Not fixed by Vendor, will not patch the vuln. Fi