Описание
Multiple cross-site scripting (XSS) vulnerabilities in Blackboard Learning System 6, Blackboard Learning and Community Portal Suite 6.2.3.23, and Blackboard Vista 4 allow remote attackers to inject arbitrary Javascript, VBScript, or HTML via (1) data, (2) vbscript, and (3) malformed javascript URIs in various HTML tags when posting to the Discussion Board.
Multiple cross-site scripting (XSS) vulnerabilities in Blackboard Learning System 6, Blackboard Learning and Community Portal Suite 6.2.3.23, and Blackboard Vista 4 allow remote attackers to inject arbitrary Javascript, VBScript, or HTML via (1) data, (2) vbscript, and (3) malformed javascript URIs in various HTML tags when posting to the Discussion Board.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2006-4308
- https://exchange.xforce.ibmcloud.com/vulnerabilities/28537
- http://secunia.com/advisories/21577
- http://securitytracker.com/id?1016735
- http://www.securityfocus.com/archive/1/444062/100/0/threaded
- http://www.securityfocus.com/archive/1/444116/100/0/threaded
- http://www.securityfocus.com/archive/1/444885/100/0/threaded
- http://www.securityfocus.com/bid/19308
- http://www.vupen.com/english/advisories/2006/3366
Связанные уязвимости
Multiple cross-site scripting (XSS) vulnerabilities in Blackboard Learning System 6, Blackboard Learning and Community Portal Suite 6.2.3.23, and Blackboard Vista 4 allow remote attackers to inject arbitrary Javascript, VBScript, or HTML via (1) data, (2) vbscript, and (3) malformed javascript URIs in various HTML tags when posting to the Discussion Board.