4
Currently, it is possible to modify the attachment of Invoice that has been approved through workflow on D365FO.
You can see this issue with vendor invoice.
This issue allows user (Malicious user) to modify the attachment on vendor invoice after approve and posting it.
Customer is afraid that this issue lead a security issue and will not get “pass” from business audit.
This scenario should be covered by D365FO as the point of following standard business manner and they want to know if MS will fix this issue in the future.
You can see this issue with vendor invoice.
This issue allows user (Malicious user) to modify the attachment on vendor invoice after approve and posting it.
Customer is afraid that this issue lead a security issue and will not get “pass” from business audit.
This scenario should be covered by D365FO as the point of following standard business manner and they want to know if MS will fix this issue in the future.
STATUS DETAILS
Needs Votes