CVE-2005-4206

CVSS 6.1 MEDIUMEPSS 2.1%CWE-601

Vexday Risk Score

33Attention

SSVC decision (CISA)

Attend

PoC available → attend closely

CVSS 6.1EPSS 2.1%KEV nãoPoC públicaPatch —

Lifecycle

12 Dec 2005Public PoC

13 Dec 2005Published on NVD

Recommendation: Plan a near-term fix — a public PoC already exists.

Blackboard Learning and Community Portal System in Academic Suite 6.3.1.424, 6.2.3.23, and other versions before 6 allows remote attackers to redirect users to other URLs and conduct phishing attacks via a modified url parameter to frameset.jsp, which loads the URL into a frame and causes it to appear to be part of a valid page.

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Affected products

n/a · n/a

public PoCs found — 1

exploitdbwww.exploit-db.com/exploits/26778unverified

⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

http://secunia.com/advisories/17991 https://exchange.xforce.ibmcloud.com/vulnerabilities/23558 http://www.ipomonis.com/advisories/Bb_6.zip http://www.osvdb.org/21618 http://www.securityfocus.com/bid/15814