CVE-2008-3421
- EPSS 0.09%
- Veröffentlicht 31.07.2008 17:41:00
- Zuletzt bearbeitet 09.04.2025 00:30:58
Multiple cross-site request forgery (CSRF) vulnerabilities in Blackboard Academic Suite 8.0.260.7 allow remote attackers to hijack the authentication of student users for requests that change configuration and enrollments via unspecified input to (1)...
CVE-2008-1883
- EPSS 0.61%
- Veröffentlicht 18.04.2008 15:05:00
- Zuletzt bearbeitet 09.04.2025 00:30:58
The server in Blackboard Academic Suite 7.x stores MD5 password hashes that are provided directly by clients, which makes it easier for remote attackers to access accounts via a modified client that skips the javascript/md5.js hash calculation, and i...
- EPSS 0.5%
- Veröffentlicht 28.07.2006 00:04:00
- Zuletzt bearbeitet 03.04.2025 01:03:51
Cross-site scripting (XSS) vulnerability in Blackboard Academic Suite 6.2.3.23 allows remote authenticated users to inject arbitrary HTML or web script by bypassing client-side validation through disabling JavaScript when submitting an essay response...
CVE-2006-0511
- EPSS 0.18%
- Veröffentlicht 01.02.2006 23:02:00
- Zuletzt bearbeitet 03.04.2025 01:03:51
Blackboard Academic Suite 6.0 and earlier does not properly clear session information when de-authenticating a user who is idle, which allows subsequent users to log in as the previous user and gain privileges. NOTE: the vendor has disputed this iss...