Microsoft Skype For Business Server — known CVE vulnerabilities
Every CVE whose affected-product data names Microsoft Skype For Business Server, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVE-2019-0798 — CVSS 6.1 (medium): A spoofing vulnerability exists when a Lync Server or Skype for Business Server does not properly sanitize a specially crafted request, aka…
CVE-2015-2536 — CVSS 4.3 (medium): Cross-site scripting (XSS) vulnerability in Microsoft Lync Server 2013 and Skype for Business Server 2015 allows remote attackers to inject…
CVE-2015-2531 — CVSS 4.3 (medium): Cross-site scripting (XSS) vulnerability in the jQuery engine in Microsoft Lync Server 2013 and Skype for Business Server 2015 allows…