BlackBerry Enterprise Server < 4.1.6 MR5 XSS
Medium Nessus Network Monitor Plugin ID 5000
SynopsisThe remote host is vulnerable to a Cross-Site Scripting (XSS) attack.
DescriptionThe remote host is running the Blackberry Enterprise Server.
This version is reportedly vulnerable to a cross-site scripting flaw due to the way that it handles user-supplied input. An attacker exploiting this flaw would need to be able to convince a user to click on a link. Successful exploitation would result in the attacker executing arbitrary script code within the browser of the user.
SolutionUpgrade to version 4.1.6 MR5 (18.104.22.168) or higher.