An authenticated attacker can exploit an untrusted search path vulnerability in Microsoft Dataverse to execute code over a network.