Vulnerabilities > CVE-2004-1872 - HTML Injection vulnerability in WebCT Campus Edition

047910
CVSS 4.3 - MEDIUM
Attack vector
NETWORK
Attack complexity
MEDIUM
Privileges required
NONE
Confidentiality impact
NONE
Integrity impact
PARTIAL
Availability impact
NONE
network
webct
exploit available

Summary

Cross-site scripting (XSS) vulnerability in WebCT Campus Edition 4.1.1.5 allows remote attackers to inject arbitrary web script or HTML via the @import URL function in a CSS style tag.

Exploit-Db

descriptionWebCT Campus Edition 3.8/4.x HTML Injection Vulnerability. CVE-2004-1872. Remote exploits for multiple platform
idEDB-ID:23893
last seen2016-02-02
modified2004-03-29
published2004-03-29
reporterSimon Boulet
sourcehttps://www.exploit-db.com/download/23893/
titleWebCT Campus Edition 3.8/4.x HTML Injection Vulnerability