CVE-2014-4070 in Microsoft Lync
摘要 (英语)
Cross-site scripting (XSS) vulnerability in the Web Components Server in Microsoft Lync Server 2013 allows remote attackers to inject arbitrary web script or HTML via a crafted URL, aka "Lync XSS Information Disclosure Vulnerability."
预定
2014-06-12
披露
2014-09-09
条目
VulDB provides additional information and datapoints for this CVE:
| 标识符 | 漏洞 | CWE | 可利用 | 对策 | CVE |
|---|---|---|---|---|---|
| 67517 | Microsoft Lync Script Reflected 跨网站脚本 | 79 | 未经证实 | 官方修复 | CVE-2014-4070 |