PT-2023-18278 · Blackberry · Blackberry Athoc

Published: 2023-09-12 · Updated: 2023-09-15 · CVE-2023-21522

CVSS v3.1: 6.1 (Medium)

Vector: AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Name of the Vulnerable Software and Affected Versions: BlackBerry AtHoc version 7.15

Description: A Reflected Cross-site Scripting (XSS) vulnerability in the Management Console (Reports) could allow an attacker to control a script executed in the victim's browser, enabling them to execute script commands in the context of the affected user account.

Recommendations: For version 7.15, consider disabling access to the Management Console (Reports) until a patch is available to prevent potential exploitation. Restricting user privileges in the Management Console can also help minimize the risk of exploitation.

Fix

XSS

Weakness Enumeration

Related Identifiers: CVE-2023-21522

Affected Products: Blackberry Athoc