Medium severity6.1NVD Advisory· Published Jan 13, 2017· Updated Jun 17, 2026
CVE-2017-3890
CVE-2017-3890
Description
A reflected cross-site scripting vulnerability in the BlackBerry WatchDox Server components Appliance-X, version 1.8.1 and earlier, and vAPP, versions 4.6.0 to 5.4.1, allows remote attackers to execute script commands in the context of the affected browser by persuading a user to click an attacker-supplied malicious link.
Affected products
3cpe:2.3:a:blackberry:workspaces_vapp:4.6.0:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:blackberry:workspaces_vapp:4.6.0:*:*:*:*:*:*:*
- cpe:2.3:a:blackberry:workspaces_vapp:5.4.1:*:*:*:*:*:*:*
Patches
Vulnerability mechanics
References
2- support.blackberry.com/kb/articleDetailnvdVendor Advisory
- www.securityfocus.com/bid/95442nvdThird Party AdvisoryVDB Entry
News mentions
0No linked articles in our index yet.