Main Vulnerability Database SB2018043004

SB2018043004 - Open redirect in Blackboard

Published: April 30, 2018

Security Bulletin ID SB2018043004

Severity

Low

Patch available

Number of vulnerabilities 1

Exploitation vector Remote access

Highest impact Data manipulation

Breakdown by Severity

Low
Medium
High
Critical

Description

This security bulletin contains information about 1 security vulnerability.

1) Open redirect (CVE-ID: CVE-2017-18262)

The vulnerability allows a remote attacker to obtain potentially sensitive information and write arbitrary files on the target system.

The weakness exists due to improper authentication. A remote attacker can create a URL that, when loaded by the target authenticated user, will redirect the target user's browser to an arbitrary site.

Remediation

Cybersecurity Help is not aware of any official remediation provided by the vendor.

References

https://securitytracker.com/id/1040767