Lucene search

[email protected]CVE-2005-4339

HistoryOct 03, 2022 - 4:22 p.m.

CVE-2005-4339

2022-10-0316:22:46

[email protected]

web.nvd.nist.gov

cve-2005-4339

xss

blackboard learning

community portal

academic suite 6.3.1.424

security vulnerability

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

5.9 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

45.9%

JSON

Cross-site scripting (XSS) vulnerability in Blackboard Learning and Community Portal System in Academic Suite 6.3.1.424, 6.2.3.23, and other versions before 6 allows remote attackers to inject arbitrary web script or HTML via the context parameter to announcement.pl, which is reflected in the resulting page.

Affected configurations

NVD

Node

blackboardacademic_suite

blackboardacademic_suiteMatch6.2.3.23

blackboardacademic_suiteMatch6.3.1.424

CPENameOperatorVersion
blackboard:academic_suiteblackboard academic suiteeq*
blackboard:academic_suiteblackboard academic suiteeq6.2.3.23
blackboard:academic_suiteblackboard academic suiteeq6.3.1.424

CPE	Name	Operator	Version
blackboard:academic_suite	blackboard academic suite	eq	*
blackboard:academic_suite	blackboard academic suite	eq	6.2.3.23
blackboard:academic_suite	blackboard academic suite	eq	6.3.1.424

References

www.ipomonis.com/advisories/Bb_6.zip

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

5.9 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

45.9%

JSON

Related for CVE-2005-4339

cvelist1 nvd1