cvedb.io
CVE-2015-6061
UNKNOWN · CVSS n/a
EPSS exploitation probability: 0%
Published 2015-11-11T11:59:33.333 · Last modified 2026-06-17T00:30:19.827

Summary

Cross-site scripting (XSS) vulnerability in Microsoft Skype for Business 2016, Lync 2010 and 2013 SP1, Lync 2010 Attendee, and Lync Room System allows remote attackers to inject arbitrary web script or HTML via an instant-message session, aka "Server Input Validation Information Disclosure Vulnerability."

Affected products

microsoft — lync

Does this affect you?

Add your gear to cvedb and we'll alert you only when microsoft ships something exploited.

Check my exposure →

References

This product uses data from the NVD API but is not endorsed or certified by the NVD. Informational only; not professional security advice.