Skip to main content

Blackboard Learn

4 CVEs product

Monthly

CVE-2022-39196 MEDIUM POC This Month

Blackboard Learn 1.10.1 allows remote authenticated users to read unintended files by entering student credentials and then directly visiting a certain webapps/bbcms/execute/ URL. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Blackboard Learn
NVD GitHub
CVSS 3.1
6.5
EPSS
1.2%
CVE-2021-36747 MEDIUM POC This Month

Blackboard Learn through 9.1 allows XSS by an authenticated user via the Feedback to Learner form. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS Blackboard Learn
NVD GitHub
CVSS 3.1
5.4
EPSS
0.6%
CVE-2021-36746 MEDIUM POC This Month

Blackboard Learn through 9.1 allows XSS by an authenticated user via the Assignment Instructions HTML editor. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS Blackboard Learn
NVD GitHub
CVSS 3.1
5.4
EPSS
0.6%
CVE-2020-9008 MEDIUM POC This Month

Stored Cross-site scripting (XSS) vulnerability in Blackboard Learn/PeopleTool v9.1 allows users to inject arbitrary web script via the Tile widget in the People Tool profile editor. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS Blackboard Learn
NVD GitHub
CVSS 3.1
5.4
EPSS
0.6%
EPSS 1% CVSS 6.5
MEDIUM POC This Month

Blackboard Learn 1.10.1 allows remote authenticated users to read unintended files by entering student credentials and then directly visiting a certain webapps/bbcms/execute/ URL. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Information Disclosure Blackboard Learn
NVD GitHub
EPSS 1% CVSS 5.4
MEDIUM POC This Month

Blackboard Learn through 9.1 allows XSS by an authenticated user via the Feedback to Learner form. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS Blackboard Learn
NVD GitHub
EPSS 1% CVSS 5.4
MEDIUM POC This Month

Blackboard Learn through 9.1 allows XSS by an authenticated user via the Assignment Instructions HTML editor. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS Blackboard Learn
NVD GitHub
EPSS 1% CVSS 5.4
MEDIUM POC This Month

Stored Cross-site scripting (XSS) vulnerability in Blackboard Learn/PeopleTool v9.1 allows users to inject arbitrary web script via the Tile widget in the People Tool profile editor. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

XSS Blackboard Learn
NVD GitHub

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy