CVE-2018-8888: XSS
First published: Thu Dec 20 2018(Updated: )
A stored cross-site scripting (XSS) vulnerability in the Management Console of BlackBerry UEM versions earlier than 12.10.0 could allow an attacker to store script commands that could later be executed in the context of another Management Console administrator.
Credit: secure@blackberry.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| BlackBerry Unified Endpoint Manager | <12.10.0 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
What is CVE-2018-8888?
CVE-2018-8888 is a stored cross-site scripting (XSS) vulnerability in the Management Console of BlackBerry UEM versions earlier than 12.10.0.
How does CVE-2018-8888 affect BlackBerry UEM?
CVE-2018-8888 allows an attacker to store script commands that could later be executed in the context of another Management Console administrator.
Which version of BlackBerry UEM is affected by CVE-2018-8888?
BlackBerry UEM versions earlier than 12.10.0 are affected by CVE-2018-8888.
What is the severity of CVE-2018-8888?
CVE-2018-8888 has a severity rating of medium (4.8).
How can I fix CVE-2018-8888?
To fix CVE-2018-8888, update BlackBerry UEM to version 12.10.0 or later.
- collector/nvd-index
- agent/severity
- agent/references
- agent/author
- agent/tags
- agent/event
- agent/weakness
- agent/description
- agent/type
- agent/last-modified-date
- agent/softwarecombine
- agent/first-publish-date
- collector/mitre-cve
- source/MITRE
- vendor/blackberry
- canonical/blackberry unified endpoint manager