CVE-2020-25902

Опубликовано: 02 мар. 2021

Источник: nvd

CVSS3: 6.1

CVSS2: 4.3

EPSS Низкий

Описание

Blackboard Collaborate Ultra 20.02 is affected by a cross-site scripting (XSS) vulnerability. The XSS payload will execute on the class room, which leads to stealing cookies from users who join the class. NOTE: Third-parties dispute the validity of this entry as a possible false positive during research

Ссылки

https://github.com/Lawyer-1/Turki/blob/main/CVE-2020-25902.md
Broken Link
https://www.blackboard.com/teaching-learning/collaboration-web-conferencing/blackboard-collaborate
Product
Vendor Advisory
https://github.com/Lawyer-1/Turki/blob/main/CVE-2020-25902.md
Broken Link
https://www.blackboard.com/teaching-learning/collaboration-web-conferencing/blackboard-collaborate
Product
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:blackboard:collaborate_ultra:20.02:*:*:*:*:*:*:*

EPSS

Процентиль: 59%

0.00373

Низкий

6.1 Medium

CVSS3

4.3 Medium

CVSS2

Дефекты

CWE-79

Связанные уязвимости

GHSA-9p36-3r73-mx7q