Описание
The login page in Blackboard Learning and Community Portal System in Academic Suite 6.3.1.424, 6.2.3.23, and other versions before 6 allows remote attackers to bypass authentication and gain privileges as other users via a modified user_id parameter and a "/" in the encoded_pw parameter.
Ссылки
- ExploitVendor Advisory
- ExploitVendor Advisory
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:a:blackboard:academic_suite:*:*:*:*:*:*:*:*
cpe:2.3:a:blackboard:academic_suite:6.2.3.23:*:*:*:*:*:*:*
cpe:2.3:a:blackboard:academic_suite:6.3.1.424:*:*:*:*:*:*:*
EPSS
Процентиль: 71%
0.00676
Низкий
7.5 High
CVSS2
Дефекты
NVD-CWE-Other
Связанные уязвимости
github
почти 4 года назад
The login page in Blackboard Learning and Community Portal System in Academic Suite 6.3.1.424, 6.2.3.23, and other versions before 6 allows remote attackers to bypass authentication and gain privileges as other users via a modified user_id parameter and a "/" in the encoded_pw parameter.
EPSS
Процентиль: 71%
0.00676
Низкий
7.5 High
CVSS2
Дефекты
NVD-CWE-Other