3 matches found
CVE-2014-1823
CVE-2014-1823 is an XSS vulnerability affecting Microsoft Lync Server 2010 and 2013, specifically in the Web Components Server. A crafted URL containing a valid meeting ID can be used to inject arbitrary web script or HTML remotely. Multiple connected advisories corroborate the issue as an inform...
Microsoft Lync Server 2010 - 'ReachJoin.aspx' Remote Command Injection
source: https://www.securityfocus.com/bid/48235/info Microsoft Lync Server 2010 is prone to a remote command-injection vulnerability because it fails to properly sanitize user-supplied input. Attackers can exploit this issue to execute arbitrary commands in the context of the application. Microso...
Security update 1970-01-01
...