Check CVE Id
Check CWE Id
'Blackboard learning and community post systems'
Multiple cross-site scripting (XSS) vulnerabilities in messaging/course/composeMessage.jsp in BlackBoard Learning System 126.96.36.1993 and earlier in BlackBoard Academic Suite allow remote attackers to inject arbitrary web script or HTML via the (1) subject_t and (2) body_text parameters. NOTE: vector 2 requires bypassing a client-side security mechanism that attempts to block XSS sequences.
Blackboard Learning and Community Portal System in Academic Suite 188.8.131.524, 184.108.40.206, and other versions before 6 allows remote attackers to redirect users to other URLs and conduct phishing attacks via a modified url parameter to frameset.jsp, which loads the URL into a frame and causes it to appear to be part of a valid page.
Blackboard learning and community post systems
Blackboard academic suite
Blackboard learning and community portal suite
Back to Top