CVE Daily

CVE-2018-8891

Multiple stored cross-site scripting (XSS) vulnerabilities in the Management Con...

Medium CVSS 4.8

Overview

Multiple stored cross-site scripting (XSS) vulnerabilities in the Management Console of BlackBerry UEM versions earlier than 12.9.1 could allow an attacker to store script commands that could later be executed in the context of another Management Console administrator.

CWE: CWE-79 Published: 2018-12-20T20:29:00.433
Risk analysis

This vulnerability is rated 🟡 MEDIUM.

  • CVSS: 4.8 (MEDIUM)
  • Detected tags: none (tag impact: LOW)

Recommended actions:

  • Prioritize remediation based on business criticality and exposure.
  • Limit exposure and increase monitoring until fixed.

Recommended tools

Tags