Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by vendor Blackboard Subscribe
Filtered by product Blackboard
Total 4 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2006-0511 1 Blackboard 2 Blackboard, Blackboard Academic Suite 2018-10-19 4.3 MEDIUM N/A
** DISPUTED ** Blackboard Academic Suite 6.0 and earlier does not properly clear session information when de-authenticating a user who is idle, which allows subsequent users to log in as the previous user and gain privileges. NOTE: the vendor has disputed this issue, saying that "This is a customer specific issue related to their Kerberos authentication single sign-on application and not a vulnerability in the Blackboard product."
CVE-2006-4308 1 Blackboard 3 Blackboard, Blackboard Learning And Community Portal Suite, Vista 2018-10-17 4.3 MEDIUM N/A
Multiple cross-site scripting (XSS) vulnerabilities in Blackboard Learning System 6, Blackboard Learning and Community Portal Suite 6.2.3.23, and Blackboard Vista 4 allow remote attackers to inject arbitrary Javascript, VBScript, or HTML via (1) data, (2) vbscript, and (3) malformed javascript URIs in various HTML tags when posting to the Discussion Board.
CVE-2004-1581 1 Blackboard 1 Blackboard 2017-07-10 5.0 MEDIUM N/A
BlackBoard 1.5.1 allows remote attackers to gain sensitive information via a direct request to (1) checkdb.inc.php, (2) admin.inc.php or (3) cp.inc.php, which reveals the path in a PHP error message.
CVE-2002-1007 1 Blackboard 1 Blackboard 2008-09-05 7.5 HIGH N/A
Cross-site scripting vulnerabilities in Blackboard 5 allow remote attackers to execute arbitrary web script via (1) the course_id parameter in a link to login.pl, (2) the CTID parameter in ProcessInfo.cgi, or (3) the Message parameter in index.cgi.