3 matches found
MS15-104: Vulnerabilities in Skype for Business Server and Lync Server Could Allow Elevation of Privilege (3089952)
The remote Windows host is missing a security update. It is, therefore, affected by multiple cross-site scripting vulnerabilities in Skype for Business Server and Lync Server : - A cross-site scripting vulnerability exists in Skype for Business Server and Lync Server due to a failure by the jQuer...
CVE-2015-2536
The CVE-2015-2536 issue is an XSS vulnerability in Microsoft Lync Server 2013 and Skype for Business Server 2015. The root cause is improper sanitization of input (notably via crafted URLs in the web context), enabling remote attackers to execute arbitrary script or HTML in a logged-in user’s bro...
KLA10657 Multiple vulnerabilities in Microsoft communication services
Improper content sanitization at jQuery engine and other vectors were found in Lync Server and Skype for Business Server. By exploiting these vulnerabilities malicious users can gain privileges or obtain sensitive information. These vulnerabilities can be exploited remotely via a specially design...