Описание
Blackboard Learning and Community Portal System in Academic Suite 6.3.1.424, 6.2.3.23, and other versions before 6 allows remote attackers to redirect users to other URLs and conduct phishing attacks via a modified url parameter to frameset.jsp, which loads the URL into a frame and causes it to appear to be part of a valid page.
Ссылки
- Broken LinkExploitVendor Advisory
- Broken Link
- Broken Link
- Broken LinkExploitThird Party AdvisoryVDB Entry
- Third Party AdvisoryVDB Entry
- Broken LinkExploitVendor Advisory
- Broken Link
- Broken Link
- Broken LinkExploitThird Party AdvisoryVDB Entry
- Third Party AdvisoryVDB Entry
Уязвимые конфигурации
Конфигурация 1Версия до 6.0.0.0 (включая)
Одно из
cpe:2.3:a:blackboard:academic_suite:*:*:*:*:*:*:*:*
cpe:2.3:a:blackboard:academic_suite:6.2.3.23:*:*:*:*:*:*:*
cpe:2.3:a:blackboard:academic_suite:6.3.1.424:*:*:*:*:*:*:*
EPSS
Процентиль: 90%
0.05941
Низкий
6.1 Medium
CVSS3
4 Medium
CVSS2
Дефекты
CWE-601
CWE-601
Связанные уязвимости
CVSS3: 6.1
github
почти 4 года назад
Blackboard Learning and Community Portal System in Academic Suite 6.3.1.424, 6.2.3.23, and other versions before 6 allows remote attackers to redirect users to other URLs and conduct phishing attacks via a modified url parameter to frameset.jsp, which loads the URL into a frame and causes it to appear to be part of a valid page.
EPSS
Процентиль: 90%
0.05941
Низкий
6.1 Medium
CVSS3
4 Medium
CVSS2
Дефекты
CWE-601
CWE-601