CVE-2015-6061
CVE-2015-6061 is an XSS/info-disclosure flaw in Microsoft Skype for Business 2016, Lync 2010/2013 SP1, Lync 2010 Attendee, and Lync Room System caused by improper sanitization of instant-message content. A remote attacker can inject arbitrary web script/HTML via an IM session, potentially leaking...