CVE-2016-1915
Multiple cross-site scripting (XSS) vulnerabilities in BlackBerry Enterprise Server 12 (BES12) Self-Service before 12.4
Multiple cross-site scripting (XSS) vulnerabilities in BlackBerry Enterprise Server 12 (BES12) Self-Service before 12.4 allow remote attackers to inject arbitrary web script or HTML via the locale parameter to (1) mydevice/index.jsp or (2) mydevice/loggedOut.jsp.
MEDIUM · CVSS 6.1
EPSS 0.07249
Schedule remediation
- EPSS percentile: top 8% of all CVEs by exploitation likelihood
- Public exploit or PoC is available
Sigma rules0
YARA rules0