Lucene search

[email protected]CVE-2005-4339

HistoryDec 19, 2005 - 3:47 a.m.

CVE-2005-4339

2005-12-1903:47:00

NVD-CWE-Other

[email protected]

web.nvd.nist.gov

cve-2005-4339

xss

blackboard learning

community portal

academic suite 6.3.1.424

security vulnerability

6.2 Medium

AI Score

Confidence

High

4.3 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

0.001 Low

EPSS

Percentile

43.1%

JSON

Cross-site scripting (XSS) vulnerability in Blackboard Learning and Community Portal System in Academic Suite 6.3.1.424, 6.2.3.23, and other versions before 6 allows remote attackers to inject arbitrary web script or HTML via the context parameter to announcement.pl, which is reflected in the resulting page.

CPENameOperatorVersion
blackboard:academic_suiteblackboard academic suiteeq6.2.3.23
blackboard:academic_suiteblackboard academic suiteeq*
blackboard:academic_suiteblackboard academic suiteeq6.3.1.424

CPE	Name	Operator	Version
blackboard:academic_suite	blackboard academic suite	eq	6.2.3.23
blackboard:academic_suite	blackboard academic suite	eq	*
blackboard:academic_suite	blackboard academic suite	eq	6.3.1.424

References

www.ipomonis.com/advisories/Bb_6.zip

6.2 Medium

AI Score

Confidence

High

4.3 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

0.001 Low

EPSS

Percentile

43.1%

JSON