RSS   Vulnerabilities for
'Blackboard learning and community post systems'
   RSS

2007-10-05
 
CVE-2007-5227

CWE-79
 

 
Multiple cross-site scripting (XSS) vulnerabilities in messaging/course/composeMessage.jsp in BlackBoard Learning System 6.3.1.593 and earlier in BlackBoard Academic Suite allow remote attackers to inject arbitrary web script or HTML via the (1) subject_t and (2) body_text parameters. NOTE: vector 2 requires bypassing a client-side security mechanism that attempts to block XSS sequences.

 
2005-12-13
 
CVE-2005-4206

 

 
Blackboard Learning and Community Portal System in Academic Suite 6.3.1.424, 6.2.3.23, and other versions before 6 allows remote attackers to redirect users to other URLs and conduct phishing attacks via a modified url parameter to frameset.jsp, which loads the URL into a frame and causes it to appear to be part of a valid page.

 

 >>> Vendor: Blackboard 10 Products
Courseinfo
Blackboard
Blackboard learning and community post systems
Academic suite
Blackboard academic suite
Blackboard learning and community portal suite
Vista
Transact suite
Vista/ce
Blackboard learn


Copyright 2020, cxsecurity.com

 

Back to Top