CVE-2005-4339

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2005-4339
Cross-site scripting (XSS) vulnerability in Blackboard Learning and Community Portal System in Academic Suite 6.3.1.424, 6.2.3.23, and other versions before 6 allows remote attackers to inject arbitrary web script or HTML via the context parameter to announcement.pl, which is reflected in the resulting page.

4.3 /10

CVSS v2.0 : MEDIUM

V2 Legend

Vector : AV:N/AC:M/Au:N/C:N/I:P/A:N

Exploitability : 8.6 / Impact : 2.9

Access Vector NETWORK

Access Complexity MEDIUM

Authentication NONE

Confidentiality Impact NONE

Integrity Impact PARTIAL

Availability Impact NONE

References
Link Resource
http://www.ipomonis.com/advisories/Bb_6.zip Vendor Advisory
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:blackboard:academic_suite:*:*:*:*:*:*:*:*
cpe:2.3:a:blackboard:academic_suite:6.2.3.23:*:*:*:*:*:*:*
cpe:2.3:a:blackboard:academic_suite:6.3.1.424:*:*:*:*:*:*:*
History

No history.

Information

Published : 2005-12-19 03:47

Updated : 2023-12-10 10:28

NVD link : CVE-2005-4339

Mitre link : CVE-2005-4339

CVE.ORG link : CVE-2005-4339

JSON object : View

Products Affected

blackboard

  • academic_suite
CWE
NVD-CWE-Other