Vulnerabilities > CVE-2006-3914 - HTML Injection vulnerability in Blackboard Academic Suite 6.2.3.23
Attack vector
NETWORK Attack complexity
MEDIUM Privileges required
SINGLE Confidentiality impact
PARTIAL Integrity impact
PARTIAL Availability impact
PARTIAL network
blackboard
Summary
Cross-site scripting (XSS) vulnerability in Blackboard Academic Suite 6.2.3.23 allows remote authenticated users to inject arbitrary HTML or web script by bypassing client-side validation through disabling JavaScript when submitting an essay response, which has no server-side validation before being viewed via "View Attempt Details" in the Gradebook.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 1 |