Published: 13/04/2017 Updated: 10/09/2017

CVSS v2 Base Score: 4.3 | Impact Score: 2.9 | Exploitability Score: 8.6

CVSS v3 Base Score: 6.1 | Impact Score: 2.7 | Exploitability Score: 2.8

VMScore: 435

Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N

Subscribe to Blackberry Enterprise Service

Multiple cross-site scripting (XSS) vulnerabilities in BlackBerry Enterprise Server 12 (BES12) Self-Service prior to 12.4 allow remote malicious users to inject arbitrary web script or HTML via the locale parameter to (1) mydevice/index.jsp or (2) mydevice/loggedOut.jsp.

Vulnerable Product	Search on Vulmon	Subscribe to Product
blackberry blackberry enterprise service

( , ) (, '' ) (' ', ) , (' ( ) ( (_,) '), ) _ _, / _____/ / _ \ ____ ____ _____ \____ \==/ /_\ \ _/ ___\/ _ \ / \ / \/ | \\ \__( <_> ) Y Y \ /______ /\___|__ / \___ >____/|__|_| / \/ \/- \/ \/:wq (x0) '=|w| ...

BlackBerry Enterprise Service 12 (BES12) Self-Service suffers from cross site scripting and remote SQL injection vulnerabilities ...

CWE-79 http://support.blackberry.com/kb/articleDetail?articleNumber=000038033 http://security-assessment.com/files/documents/advisory/Blackberry%20BES12%20Self-Service%20Multiple%20Vulnerabilities.pdf http://seclists.org/fulldisclosure/2016/Feb/95 http://www.securitytracker.com/id/1035095 https://www.exploit-db.com/exploits/39481/https://nvd.nist.gov https://www.exploit-db.com/exploits/39481/

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2016-1915

Vulnerability Summary

Exploits

References

Vulmon Search

About

Products

Connect