5 matches found
Description of the security update for Skype for Business Lync Server 2013: April 12, 2022 (KB5012681)
Description of the security update for Skype for Business Lync Server 2013: April 12, 2022 KB5012681 Summary This security update resolves an information disclosure vulnerability in Microsoft Lync Server. To learn more about these vulnerabilities, see Microsoft Common Vulnerabilities and Exposure...
Cross site scripting
Cross-site scripting XSS vulnerability in Microsoft Lync Server 2013 allows remote attackers to inject arbitrary web script or HTML via a crafted URL, aka "Lync Server XSS Information Disclosure Vulnerability."...
Cross site scripting
Cross-site scripting XSS vulnerability in the Web Components Server in Microsoft Lync Server 2013 allows remote attackers to inject arbitrary web script or HTML via a crafted URL, aka "Lync XSS Information Disclosure Vulnerability."...
CVE-2014-4070
CVE-2014-4070 is an XSS vulnerability affecting Microsoft Lync Server 2013 (Web Components Server). The issue allows remote attackers to inject arbitrary web script or HTML via a crafted URL, stemming from insufficient input sanitization. Multiple connected sources corroborate this, listing Lync ...
CVE-2014-1823
CVE-2014-1823 is an XSS vulnerability affecting Microsoft Lync Server 2010 and 2013, specifically in the Web Components Server. A crafted URL containing a valid meeting ID can be used to inject arbitrary web script or HTML remotely. Multiple connected advisories corroborate the issue as an inform...