2 matches found
CVE-2014-4070
CVE-2014-4070 is an XSS vulnerability affecting Microsoft Lync Server 2013 (Web Components Server). The issue allows remote attackers to inject arbitrary web script or HTML via a crafted URL, stemming from insufficient input sanitization. Multiple connected sources corroborate this, listing Lync ...
KLA10609 Multiple vulnerabilities in Microsoft Lync Server
Multiple serious vulnerabilities have been found in Microsoft Lync Server. Malicious users can exploit these vulnerabilities to inject arbitrary code or cause denial of service. Below is a complete list of vulnerabilities 1. XSS vulnerability can be exploited remotely via a specially designed URL...