CVE-2006-4308
Last modified
CVE-2006-4308 is a vulnerability of currently unknown severity. Multiple cross-site scripting (XSS) vulnerabilities in Blackboard Learning System 6, Blackboard Learning and Community Portal Suite 6.2.3.23, and Blackboard Vista 4 allow remote attackers to inject arbitrary Javascript, VBScript, or HTML via (1) data, (2) vbscript, and (3) malformed javascript URIs in various HTML tags when posting to the Discussion Board.. EPSS estimates a 2.00% chance of exploitation in the next 30 days.
Description
Multiple cross-site scripting (XSS) vulnerabilities in Blackboard Learning System 6, Blackboard Learning and Community Portal Suite 6.2.3.23, and Blackboard Vista 4 allow remote attackers to inject arbitrary Javascript, VBScript, or HTML via (1) data, (2) vbscript, and (3) malformed javascript URIs in various HTML tags when posting to the Discussion Board.
Metrics
Weakness Enumeration
Affected Software
| Vendor | Product | Versions |
|---|---|---|
| Blackboard | Blackboard | 6.0 |
| Blackboard | Blackboard Learning And Community Portal Suite | 6.0 |
| Blackboard | Blackboard Learning And Community Portal Suite | 6.2.3.23 |
| Blackboard | Vista | 4 |
References
- http://secunia.com/advisories/21577Vendor Advisory
- http://www.vupen.com/english/advisories/2006/3366Vendor Advisory
- http://secunia.com/advisories/21577Vendor Advisory
- http://www.vupen.com/english/advisories/2006/3366Vendor Advisory
Timeline
- Published
- Last Modified
- Status
- Modified
Frequently Asked Questions
What is CVE-2006-4308?
How severe is CVE-2006-4308?
How do I fix CVE-2006-4308?
Are you affected by CVE-2006-4308?
Run a free Strix scan to check your systems for this vulnerability.
Scan your code nowSource: NVD / NIST