Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Cross-site scripting (XSS) vulnerability in the Web Components Server in Microsoft Lync Server 2010 and 2013 allows remote attackers to inject arbitrary web script or HTML via a crafted URL containing a valid meeting ID, aka "Lync Server Content Sanitization Vulnerability."
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Microsoft Lync Server 内容清理漏洞
Vulnerability Description
Microsoft Lync Server(前称Microsoft Office Communicator)是美国微软(Microsoft)公司发布的新一代企业整合沟通平台。该平台能够跨越PC、Web、手机等其他移动设备,将不同的沟通方式集成到一个平台中。 当Microsoft Lync Server 2010和2013版本无法正确清理特制内容时,存在一个信息泄露漏洞。成功利用此漏洞的攻击者可能会在用户的浏览器中执行脚本以从Web会话获取信息。
CVSS Information
N/A
Vulnerability Type
N/A