blackboard blackboard academic suite 6.2.3.23 vulnerabilities and exploits

(subscribe to this query)

7.5

CVSSv2

The login page in Blackboard Learning and Community Portal System in Academic Suite 6.3.1.424, 6.2.3.23, and other versions prior to 6 allows remote malicious users to bypass authentication and gain privileges as other users via a modified user_id parameter and a "/" in...

Blackboard Academic Suite Blackboard Academic Suite 6.2.3.23 Blackboard Academic Suite 6.3.1.424

4.3

CVSSv2

Cross-site scripting (XSS) vulnerability in Blackboard Learning and Community Portal System in Academic Suite 6.3.1.424, 6.2.3.23, and other versions prior to 6 allows remote malicious users to inject arbitrary web script or HTML via the context parameter to announcement.pl, whic...

Blackboard Academic Suite 6.2.3.23 Blackboard Academic Suite 6.3.1.424 Blackboard Academic Suite

10

CVSSv2

announcement.pl in Blackboard Learning and Community Portal System in Academic Suite 6.3.1.424, 6.2.3.23, and other versions prior to 6 allows remote malicious users to gain administrator privileges by setting the context parameter to "admin".

Blackboard Academic Suite Blackboard Academic Suite 6.2.3.23 Blackboard Academic Suite 6.3.1.424

4

CVSSv2

Blackboard Learning and Community Portal System in Academic Suite 6.3.1.424, 6.2.3.23, and other versions prior to 6 allows remote malicious users to redirect users to other URLs and conduct phishing attacks via a modified url parameter to frameset.jsp, which loads the URL into a...

Blackboard Academic Suite 6.2.3.23 Blackboard Academic Suite 6.3.1.424 Blackboard Academic Suite

1 EDB exploit

5

CVSSv2

Blackboard Learning and Community Portal System in Academic Suite 6.3.1.424, 6.2.3.23, and other versions prior to 6 allows remote malicious users to list all available categories via a blank category_id parameter to category.pl. NOTE: it is not clear whether this information is ...

Blackboard Academic Suite Blackboard Academic Suite 6.3.1.424 Blackboard Academic Suite 6.2.3.23

6

CVSSv2

Cross-site scripting (XSS) vulnerability in Blackboard Academic Suite 6.2.3.23 allows remote authenticated users to inject arbitrary HTML or web script by bypassing client-side validation through disabling JavaScript when submitting an essay response, which has no server-side val...

Blackboard Blackboard Academic Suite 6.2.3.23

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook