A reflected cross-site scripting vulnerability in the BlackBerry WatchDox Server components Appliance-X, version 1.8.1 and earlier, and vAPP, versions 4.6.0 to 5.4.1, allows remote attackers to execute script commands in the context of the affected browser by persuading a user to click an attacker-supplied malicious link.
[
{
"product": "BlackBerry WatchDox Server",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "BlackBerry WatchDox Server"
}
]
}
]