### [CVE-2017-17442](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17442)
![](https://img.shields.io/static/v1?label=Product&message=UEM%20Management%20Console&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=%3D%2012.7.1%20and%20earlier%20&color=brighgreen)
![](https://img.shields.io/static/v1?label=Vulnerability&message=Reflected%20cross-site%20scripting%20vulnerability&color=brighgreen)

### Description

In BlackBerry UEM Management Console version 12.7.1 and earlier, a reflected cross-site scripting vulnerability that could allow an attacker to execute script commands in the context of the affected UEM Management Console account by crafting a malicious link and then persuading a user with legitimate access to the Management Console to click on the malicious link.

### POC

#### Reference
- http://support.blackberry.com/kb/articleDetail?articleNumber=000047227

#### Github
No PoCs found on GitHub currently.