CVE-2005-4206

Blackboard Learning and Community Portal System in Academic Suite 6.3.1.424, 6.2.3.23, and other versions before 6 allows remote attackers to redirect users to other URLs and conduct phishing attacks via a modified url parameter to frameset.jsp, which loads the URL into a frame and causes it to appear to be part of a valid page.

Published: Dec 13, 2005
Updated: May 9, 2024
CVE: CVE-2005-4206
Severity: Medium
Exploit:

CVSS v3:

Severity: Medium
Score: 6.1
AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

CVSS v2:

Severity: Low
Score: 4
AV:N/AC:H/Au:N/C:P/I:P/A:N

CWEs:

CWE-601

Affected Software
References

Software	From	Fixed in
blackboard / academic_suite	6.2.3.23	6.2.3.23.x
blackboard / academic_suite	6.3.1.424	6.3.1.424.x
blackboard / academic_suite	-	6.0.0.0.x

http://secunia.com/advisories/17991
http://www.ipomonis.com/advisories/Bb_6.zip
http://www.osvdb.org/21618
http://www.securityfocus.com/bid/15814
https://exchange.xforce.ibmcloud.com/vulnerabilities/23558

Vulnerability Database

289,871

CVE-2005-4206