CVE-2023-21523

A Stored Cross-site Scripting (XSS) vulnerability in the Management Console (User Management and Alerts) of BlackBerry AtHoc version 7.15 could allow an attacker to execute script commands in the context of the affected user account.
Configurations

Configuration 1 (hide)

cpe:2.3:a:blackberry:athoc:7.15:*:*:*:*:*:*:*

History

15 Sep 2023, 14:01

Type Values Removed Values Added
References (MISC) https://http://support.blackberry.com/kb/articleDetail?articleNumber=000112406 - (MISC) https://http://support.blackberry.com/kb/articleDetail?articleNumber=000112406 - Vendor Advisory
First Time Blackberry athoc
Blackberry
CWE CWE-79
CPE cpe:2.3:a:blackberry:athoc:7.15:*:*:*:*:*:*:*
CVSS v2 : unknown
v3 : unknown
v2 : unknown
v3 : 5.4

12 Sep 2023, 20:41

Type Values Removed Values Added
New CVE

Information

Published : 2023-09-12 20:15

Updated : 2024-02-28 20:33


NVD link : CVE-2023-21523

Mitre link : CVE-2023-21523

CVE.ORG link : CVE-2023-21523


JSON object : View

Products Affected

blackberry

  • athoc
CWE
CWE-79

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')