The bb-auth-provider-cas authentication module within Blackboard Learn 2018-07-02 is susceptible to HTTP host header spoofing during Central Authentication Service (CAS) service ticket validation, enabling a phishing attack from the CAS server login page.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
blackboard blackboard learn 2018-07-02 |