CVE-2006-4308
published 2006-08-23CVE-2006-4308: Multiple cross-site scripting (XSS) vulnerabilities in Blackboard Learning System 6, Blackboard Learning and Community Portal Suite 6.2.3.23, and Blackboard…
PriorityP418medium4.3CVSS 2.0
AVNACMAuNCNIPAN
EXPLOIT
EPSS
2.00%
78.3th percentile
Multiple cross-site scripting (XSS) vulnerabilities in Blackboard Learning System 6, Blackboard Learning and Community Portal Suite 6.2.3.23, and Blackboard Vista 4 allow remote attackers to inject arbitrary Javascript, VBScript, or HTML via (1) data, (2) vbscript, and (3) malformed javascript URIs in various HTML tags when posting to the Discussion Board.
Affected
4 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| blackboard | blackboard | — | — |
| blackboard | blackboard_learning_and_community_portal_suite | — | — |
| blackboard | blackboard_learning_and_community_portal_suite | — | — |
| blackboard | vista | — | — |
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
No detection rules found.
No writeups or analysis indexed.
CWE
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
mitre_cwe
CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users.
There are many variants of cross-site scripting, characterized by a variety of terms or involving different attack topologies. However, they all indicate the same fundamental weakness: improper neutralization of dangerous input between the adversary and a victim.
Background: The Same Origin Policy states that browsers should limit the resources accessible to scripts running on a given web site, or "origin", to the resources associated with that web site on the client-side, and not the client-side resources of any other sites or
CWE
Incomplete Denylist to Cross-Site Scripting
mitre_cwe·CVSS 5.8
[MEDIUM] CWE-692 Incomplete Denylist to Cross-Site Scripting
CWE-692: Incomplete Denylist to Cross-Site Scripting
The product uses a denylist-based protection mechanism to defend against XSS attacks, but the denylist is incomplete, allowing XSS variants to succeed.
While XSS might seem simple to prevent, web browsers vary so widely in how they parse web pages, that a denylist cannot keep track of all the variations. The "XSS Cheat Sheet" [REF-714] contains a large number of attacks that are intended to bypass incomplete denylists.
Modes of Introduction:
Phase: Implementation
Common Consequences:
Scope: Confidentiality, Integrity, Availability. Impact: Execute Unauthorized Code or Commands.
Observed Examples:
CVE-2007-5727: Denylist only removes tag.
CVE-2006-3617: Denylist only removes tag.
CVE-2006-4308: Denylist only checks "javascript:" tag
CWE
Incomplete List of Disallowed Inputs
mitre_cwe
CWE-184 Incomplete List of Disallowed Inputs
CWE-184: Incomplete List of Disallowed Inputs
The product implements a protection mechanism that relies on a list of inputs (or properties of inputs) that are not allowed by policy or otherwise require other action to neutralize before additional processing takes place, but the list is incomplete.
Modes of Introduction:
Phase: Implementation
Note: Developers often try to protect their products against malicious input by checking against lists of known bad inputs, such as special characters that can invoke new commands. However, such lists often only address the most well-known bad inputs. As a quick fix, developers might rely on these lists instead of addressing the root cause of the issue. See [REF-141].
Phase: Architecture and Design
Note: The design might rely solely on detection of m
http://secunia.com/advisories/21577http://securitytracker.com/id?1016735http://www.securityfocus.com/archive/1/444062/100/0/threadedhttp://www.securityfocus.com/archive/1/444116/100/0/threadedhttp://www.securityfocus.com/archive/1/444885/100/0/threadedhttp://www.securityfocus.com/bid/19308http://www.vupen.com/english/advisories/2006/3366https://exchange.xforce.ibmcloud.com/vulnerabilities/28537http://secunia.com/advisories/21577http://securitytracker.com/id?1016735http://www.securityfocus.com/archive/1/444062/100/0/threadedhttp://www.securityfocus.com/archive/1/444116/100/0/threadedhttp://www.securityfocus.com/archive/1/444885/100/0/threadedhttp://www.securityfocus.com/bid/19308http://www.vupen.com/english/advisories/2006/3366https://exchange.xforce.ibmcloud.com/vulnerabilities/28537
2006-08-23
Published