CVE-2023-21523

EUVD-2023-25691






















A Stored Cross-site Scripting (XSS) vulnerability in the Management Console (User Management and Alerts) of BlackBerry AtHoc version 7.15 could allow an attacker to execute script commands in the context of the affected user account.
Cross-site Scripting
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
5.4 MEDIUM
NETWORK
LOW
LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
Base Score
CVSS 3.x
EPSS Score
Percentile: 64%
Affected Products (NVD)
VendorProductVersion
blackberryathoc
7.15
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://http://support.blackberry.com/kb/articleDetail?articleNumber=000112406
https://http://support.blackberry.com/kb/articleDetail?articleNumber=000112406