CVE-2006-4308 Information
Description
Multiple cross-site scripting (XSS) vulnerabilities in Blackboard Learning System 6 Blackboard Learning and Community Portal Suite 6.2.3.23 and Blackboard Vista 4 allow remote attackers to inject arbitrary Javascript VBScript or HTML via (1) data (2) vbscript and (3) malformed javascript URIs in various HTML tags when posting to the Discussion Board.
Reference
http://secunia.com/advisories/21577 http://securitytracker.com/id?1016735 http://www.securityfocus.com/archive/1/444062/100/0/threaded http://www.securityfocus.com/archive/1/444116/100/0/threaded http://www.securityfocus.com/archive/1/444885/100/0/threaded http://www.securityfocus.com/bid/19308 http://www.vupen.com/english/advisories/2006/3366 https://exchange.xforce.ibmcloud.com/vulnerabilities/28537
Share on: