Описание
The Management Console in BlackBerry Enterprise Server (BES) 12 before 12.2 does not properly restrict use of FRAME elements, which makes it easier for remote attackers to conduct clickjacking attacks via a crafted web site, related to a "cross frame scripting" issue.
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:a:blackberry:enterprise_server:12.0:*:*:*:*:*:*:*
cpe:2.3:a:blackberry:enterprise_server:12.1:*:*:*:*:*:*:*
EPSS
Процентиль: 44%
0.00217
Низкий
4.3 Medium
CVSS2
Дефекты
CWE-254
Связанные уязвимости
github
больше 3 лет назад
The Management Console in BlackBerry Enterprise Server (BES) 12 before 12.2 does not properly restrict use of FRAME elements, which makes it easier for remote attackers to conduct clickjacking attacks via a crafted web site, related to a "cross frame scripting" issue.
EPSS
Процентиль: 44%
0.00217
Низкий
4.3 Medium
CVSS2
Дефекты
CWE-254