CyberSec.Space Logo
Back to CVE Browser

CVE-2006-3914

MEDIUM
6.0
CVSS Severity Score
EPSS Score0.1290%
EPSS Percentile0.80th
PublishedJul 28, 2006
Last ModifiedApr 16, 2026

Vulnerability Description

Cross-site scripting (XSS) vulnerability in Blackboard Academic Suite 6.2.3.23 allows remote authenticated users to inject arbitrary HTML or web script by bypassing client-side validation through disabling JavaScript when submitting an essay response, which has no server-side validation before being viewed via "View Attempt Details" in the Gradebook.

Affected Platforms (CPE)

πŸ“¦
Blackboard

Blackboard Academic Suite

= 6.2.3.23

References & Advisories

πŸ”— http://securityreason.com/securityalert/1295
πŸ”— http://securitytracker.com/id?1016556
πŸ”— http://www.securityfocus.com/archive/1/440888/100/0/threaded
πŸ”— http://www.securityfocus.com/bid/19101
πŸ”— https://exchange.xforce.ibmcloud.com/vulnerabilities/27895
πŸ”— http://securityreason.com/securityalert/1295
πŸ”— http://securitytracker.com/id?1016556
πŸ”— http://www.securityfocus.com/archive/1/440888/100/0/threaded

Related Vulnerabilities

CVE-2005-433810.0

announcement.pl in Blackboard Learning and Community Portal System in Academic Suite 6.3.1.424, 6.2.3.23, and other versions befor...

CVE-2005-43377.5

The login page in Blackboard Learning and Community Portal System in Academic Suite 6.3.1.424, 6.2.3.23, and other versions before...

CVE-2008-18836.8

The server in Blackboard Academic Suite 7.x stores MD5 password hashes that are provided directly by clients, which makes it easie...

CVE-2005-42066.1

Blackboard Learning and Community Portal System in Academic Suite 6.3.1.424, 6.2.3.23, and other versions before 6 allows remote a...