Arbitrary Script Injection in BlackBerry Enterprise Server (BES) 12 Management Console
CVE-2016-1916 · LOW Severity
AV:N/AC:M/AU:S/C:N/I:P/A:N
Cross-site scripting (XSS) vulnerability in the Management Console in BlackBerry Enterprise Server (BES) 12 before 12.4.1 allows remote authenticated users to inject arbitrary web script or HTML by leveraging basic administrative access to create a crafted policy, leading to improper rendering on a certain Export IT screen.
Learn more about our Web App Pen Testing.