Описание
Cross-site scripting (XSS) vulnerability in Blackboard Learning and Community Portal System in Academic Suite 6.3.1.424, 6.2.3.23, and other versions before 6 allows remote attackers to inject arbitrary web script or HTML via the context parameter to announcement.pl, which is reflected in the resulting page.
Ссылки
- Vendor Advisory
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:a:blackboard:academic_suite:*:*:*:*:*:*:*:*
cpe:2.3:a:blackboard:academic_suite:6.2.3.23:*:*:*:*:*:*:*
cpe:2.3:a:blackboard:academic_suite:6.3.1.424:*:*:*:*:*:*:*
EPSS
Процентиль: 53%
0.00297
Низкий
4.3 Medium
CVSS2
Дефекты
NVD-CWE-Other
Связанные уязвимости
github
почти 4 года назад
Cross-site scripting (XSS) vulnerability in Blackboard Learning and Community Portal System in Academic Suite 6.3.1.424, 6.2.3.23, and other versions before 6 allows remote attackers to inject arbitrary web script or HTML via the context parameter to announcement.pl, which is reflected in the resulting page.
EPSS
Процентиль: 53%
0.00297
Низкий
4.3 Medium
CVSS2
Дефекты
NVD-CWE-Other