Blackboard Academic Suite 6.2.3.23 Frameset.JSP Cross-Domain Frameset Loading Vulnerability

2014-07-01T00:00:00
ID SSV:80402
Type seebug
Reporter Root
Modified 2014-07-01T00:00:00

Description

No description provided by source.

                                        
                                            
                                                source: http://www.securityfocus.com/bid/15814/info

Blackboard Academic Suite is prone to a cross-domain frameset-loading vulnerability.

Successful exploitation may result in various attacks, such as information disclosure and session hijacking. An attacker may also be able to exploit this vulnerability to carry out phishing-style attacks.

Blackboard Academic Suite version 6.0 is reportedly affected by this issue. 

http://www.example.com/webapps/portal/frameset.jsp?tab_id=[tabid]&url=[url]