The host is installed with Lync Server 2013 and is prone to a XSS information disclosure vulnerability. A flaw is present in the application, which fails to properly sanitize specially crafted content. An attacker who successfully exploited this vulnerability could potentially execute scripts in the users browser to obtain information from web sessions.