CVE-2005-4206

MEDIUM6.1

Blackboard Learning and Community Portal System in Academic Suite 6

Published Dec 13, 2005

Modified 1 years ago

No fix available

Details

Blackboard Learning and Community Portal System in Academic Suite 6.3.1.424, 6.2.3.23, and other versions before 6 allows remote attackers to redirect users to other URLs and conduct phishing attacks via a modified url parameter to frameset.jsp, which loads the URL into a frame and causes it to appear to be part of a valid page.

References

ADVISORYhttp://secunia.com/advisories/17991 WEBhttp://www.ipomonis.com/advisories/Bb_6.zip WEBhttp://www.osvdb.org/21618 WEBhttp://www.securityfocus.com/bid/15814 WEBhttps://exchange.xforce.ibmcloud.com/vulnerabilities/23558 ADVISORYhttps://www.cve.org/CVERecord?id=CVE-2005-4206

CVSS Analysis

CVSS v3.1

6.1

Exploitability

Attack Vector

NetworkAV:N

Attack Complexity

LowAC:L

Privileges Required

NonePR:N

User Interaction

RequiredUI:R

Scope

ChangedS:C

Impact

Confidentiality

LowC:L

Integrity

LowI:L

Availability

NoneA:N

6.1/CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Ecosystems

Timeline

PublishedDec 13, 2005

ModifiedJan 16, 2025