header-logo
Suggest Exploit
vendor:
Blackboard Academic Suite
by:
Unknown
5.5
CVSS
MEDIUM
Cross-Domain Frameset-Loading
346
CWE
Product Name: Blackboard Academic Suite
Affected Version From: 6
Affected Version To: 6
Patch Exists: NO
Related CWE: CVE-2005-0488
CPE: a:blackboard:academic_suite:6.0
Metasploit: https://www.rapid7.com/db/vulnerabilities/linuxrpm-RHSA-2015-1091/https://www.rapid7.com/db/vulnerabilities/linuxrpm-RHSA-2015-0807/https://www.rapid7.com/db/vulnerabilities/linuxrpm-RHSA-2015-0809/https://www.rapid7.com/db/vulnerabilities/linuxrpm-RHSA-2015-0858/https://www.rapid7.com/db/vulnerabilities/linuxrpm-RHSA-2015-1020/https://www.rapid7.com/db/vulnerabilities/linuxrpm-RHSA-2015-0806/https://www.rapid7.com/db/vulnerabilities/linuxrpm-RHSA-2015-1021/https://www.rapid7.com/db/vulnerabilities/linuxrpm-RHSA-2015-0808/https://www.rapid7.com/db/vulnerabilities/linuxrpm-RHSA-2015-1006/https://www.rapid7.com/db/vulnerabilities/linuxrpm-RHSA-2015-1007/https://www.rapid7.com/db/vulnerabilities/suse-cve-2005-0488/https://www.rapid7.com/db/vulnerabilities/apple-osx-telnet-cve-2005-0488/https://www.rapid7.com/db/vulnerabilities/linuxrpm-RHSA-2008-0523/
Other Scripts:
Platforms Tested:
2005

Cross-Domain Frameset-Loading Vulnerability in Blackboard Academic Suite

The vulnerability allows attackers to load a frameset from a different domain, leading to potential attacks such as information disclosure, session hijacking, and phishing-style attacks.

Mitigation:

It is recommended to upgrade to a fixed version or apply patches provided by the vendor.
Source

Exploit-DB raw data:

source: https://www.securityfocus.com/bid/15814/info

Blackboard Academic Suite is prone to a cross-domain frameset-loading vulnerability.

Successful exploitation may result in various attacks, such as information disclosure and session hijacking. An attacker may also be able to exploit this vulnerability to carry out phishing-style attacks.

Blackboard Academic Suite version 6.0 is reportedly affected by this issue. 

http://www.example.com/webapps/portal/frameset.jsp?tab_id=[tabid]&url=[url]

Navigation

Suggest Exploit

Services By CQR