2 matches found
Cross site scripting
Multiple cross-site scripting XSS vulnerabilities in WebCT Campus Edition 4.1.5.8, when "Don't wrap text" is enabled, allow remote authenticated users to inject arbitrary web script or HTML via a 1 mail message or 2 discussion board message. NOTE: this might overlap CVE-2005-1076...
CVE-2005-1076
CVE-2005-1076 describes a cross-site scripting (XSS) vulnerability in the WebCT Campus Edition 4.1 discussion board, allowing an attacker to inject arbitrary script/HTML via the message field. The connected Red Hat and CVE-2008-1225 records corroborate XSS in WebCT 4.1.5.8 and note potential over...