cvedb.io
CVE-2018-8891
MEDIUM · CVSS 4.8
EPSS exploitation probability: 0%
Published 2018-12-20T20:29:00.433 · Last modified 2026-06-17T02:05:35.600

Summary

Multiple stored cross-site scripting (XSS) vulnerabilities in the Management Console of BlackBerry UEM versions earlier than 12.9.1 could allow an attacker to store script commands that could later be executed in the context of another Management Console administrator.

Affected products

blackberry — unified_endpoint_manager

Does this affect you?

Add your gear to cvedb and we'll alert you only when blackberry ships something exploited.

Check my exposure →

References

This product uses data from the NVD API but is not endorsed or certified by the NVD. Informational only; not professional security advice.