Home

Description

A Stored Cross-Site Scripting (XSS) vulnerability in the Management Console of BlackBerry AtHoc version 7.15 could allow an attacker to potentially execute actions in the context of the victim's session.

PUBLISHED Reserved 2024-10-30 | Published 2024-11-25 | Updated 2024-11-25 | Assigner blackberry




MEDIUM: 4.6CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:N

Problem types

CWE-79 Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')

Product status

Default status
unaffected

7.15
affected

References

support.blackberry.com/pkb/s/article/140250

cve.org (CVE-2024-51723)

nvd.nist.gov (CVE-2024-51723)

Download JSON