none
Silverlight cross-domain policy on Lync Server

    Question

  • Hello everyone,

    I am currently testing the network of my company, which has also a lync server.

    Some vulnerability scanners reported, that Silverlight cross-domain policy on the lync server is set to "any":

    <allow-from http-request-headers="*">

    My question is now: Is this a vulnerability, or is this needed for lync calls or something similar?

    Kind regards

    Thursday, December 6, 2018 7:55 AM