Cross-site Scripting Vulnerability in BlackBerry Enterprise Server Management Console
CVE-2016-3126

6.1MEDIUM

Key Information:

Vendor: Blackberry
Status: Enterprise Server
Vendor: CVE Published:; 22 April 2016

What is CVE-2016-3126?

The Management Console of BlackBerry Enterprise Server is susceptible to a cross-site scripting vulnerability that allows attackers to execute arbitrary web scripts or HTML by crafting a malicious URL. This issue potentially exposes users to unauthorized actions or information disclosure, emphasizing the importance of implementing security measures to mitigate risks.

References

http://www.securitytracker.com/id/1035568

vdb-entryx_refsource_SECTRACK

http://www.blackberry.com/btsc/KB38119

x_refsource_CONFIRM

CVSS V3.1

Score:

6.1

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

Low

Availability:

Low

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Changed

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Apr 22, 2016
Vulnerability Reserved
Mar 11, 2016

Blackberry

What is CVE-2016-3126?

References

CVSS V3.1

Timeline