CVE-2006-3914

CVE-2006-3914 · MEDIUM Severity

AV:N/AC:M/AU:S/C:P/I:P/A:P

Cross-site scripting (XSS) vulnerability in Blackboard Academic Suite 6.2.3.23 allows remote authenticated users to inject arbitrary HTML or web script by bypassing client-side validation through disabling JavaScript when submitting an essay response, which has no server-side validation before being viewed via "View Attempt Details" in the Gradebook.

Learn more about our Web App Pen Testing.