This script is Copyright (C) 2015-2017 Tenable Network Security, Inc.
The remote host is affected by a cross-site scripting vulnerability.
The remote Windows host is affected by a cross-site scripting (XSS)
vulnerability in Skype for Business and Lync clients due to improper
sanitization of message content before returning it to the user. A
to execute arbitrary script and HTML in the user's context, resulting
in the possible disclosure of sensitive information or other actions.
See also :
Microsoft has released a set of patches for Lync 2010, Lync 2010
Attendee, Lync 2013, Lync Basic 2013, Skype for Business 2016, Skype
for Business Basic 2016, and Lync Room System.
Risk factor :
Medium / CVSS Base Score : 4.3
CVSS Temporal Score : 3.6
Public Exploit Available : true