An information disclosure vulnerability exists when Team Foundation Server does not properly handle variables marked as secret, aka "Team Foundation Server Information Disclosure Vulnerability." This. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.
A Cross-site Scripting (XSS) vulnerability exists when Team Foundation Server does not properly sanitize user provided input, aka "Team Foundation Server Cross-site Scripting Vulnerability." This. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity.
A spoofing vulnerability exists when a Skype for Business 2015 server does not properly sanitize a specially crafted request, aka "Skype for Business 2015 Spoofing Vulnerability." This affects Skype. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.