source: https://www.securityfocus.com/bid/19308/info
Blackboard products are prone to multiple HTML-injection vulnerabilities because the software fails to properly sanitize user-supplied input before using it in dynamically generated content.
Attacker-supplied HTML and script code would execute in the context of the affected website, potentially allowing the attacker to steal cookie-based authentication credentials or to control how the site is rendered to the user; other attacks are also possible.
Blackboard Learning System (Release 6) and Blackboard Learning and Community Portal Suite (Release 6 build 6.2.3.23) are vulnerable; other version may also be affected.
Reports indicate this issue has been addressed in versions 7.0 and 7.1, but Symantec has not confirmed this.
UPDATE (June 14, 2007): Reports indicate that Blackboard Academic Suite - Vista 4 is also vulnerable.
Defacement (FrameBuster)
-------------------------
Defacement (FrameBuster)
-------------------------
Defacement (IE ONLY)
-------------------------
Defacement (IE ONLY)
-------------------------
Cookie Stealer (IE ONLY)
-------------------------
Cookie Stealer (IE ONLY)
-------------------------
Cookie Stealer (Encoded Tab - IE ONLY)
-------------------------
Cookie Stealer (html encoded - IE ONLY)
-------------------------
Cookie Stealer (tabs - IE ONLY)
-------------------------
Cookie Stealer (body tag with tabs - IE ONLY)
-------------------------
Cookie Stealer (div tag with tabs - IE ONLY)
-------------------------