Описание
A stored cross-site scripting (XSS) vulnerability in the Management Console of BlackBerry UEM versions earlier than 12.10.0 could allow an attacker to store script commands that could later be executed in the context of another Management Console administrator.
Ссылки
- MitigationVendor Advisory
- MitigationVendor Advisory
Уязвимые конфигурации
Конфигурация 1Версия до 12.10.0 (исключая)
cpe:2.3:a:blackberry:unified_endpoint_manager:*:*:*:*:*:*:*:*
EPSS
Процентиль: 51%
0.00277
Низкий
4.8 Medium
CVSS3
3.5 Low
CVSS2
Дефекты
CWE-79
Связанные уязвимости
CVSS3: 4.8
github
больше 3 лет назад
A stored cross-site scripting (XSS) vulnerability in the Management Console of BlackBerry UEM versions earlier than 12.10.0 could allow an attacker to store script commands that could later be executed in the context of another Management Console administrator.
EPSS
Процентиль: 51%
0.00277
Низкий
4.8 Medium
CVSS3
3.5 Low
CVSS2
Дефекты
CWE-79