Printer FriendlyEmail Article Link

Should threat TSL20120612-07_Microsoft_Multiple_Products_HTML_Sanitization_Cross-Site_Scripting.xml have SIP listed as an affected protocol in Avalanche?


This threat is linked to three protocols, HTTP, HTTPS and SIP in Avalanche.  While the HTTP and HTTPS seem logical, SIP is not so apparent. 

Engineering has confirmed under CR#350371048 that the Telus description shows that SIP might be involved in the threat, and is also backed due to vulnurability being exposed also in Microsoft Communicator.

Product : Avalanche,Vulnerability,L4-7,ThreatEx,Avalanche