Known Vulnerabilities for products from Blackboard
Listed below are 20 of the newest known vulnerabilities associated with the vendor "Blackboard".
These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.
Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2022-39196 json | Blackboard Learn 1.10.1 allows remote authenticated users to read unintended files by entering student credentials and then d... | 6.5 - MEDIUM | 2022-09-05 | 2023-08-08 |
| CVE-2021-36747 json | Blackboard Learn through 9.1 allows XSS by an authenticated user via the Feedback to Learner form. | 5.4 - MEDIUM | 2021-07-20 | 2021-07-23 |
| CVE-2021-36746 json | Blackboard Learn through 9.1 allows XSS by an authenticated user via the Assignment Instructions HTML editor. | 5.4 - MEDIUM | 2021-07-20 | 2021-07-23 |
| CVE-2020-25902 json | ** DISPUTED ** Blackboard Collaborate Ultra 20.02 is affected by a cross-site scripting (XSS) vulnerability. The XSS payload ... | 6.1 - MEDIUM | 2021-03-02 | 2023-11-07 |
| CVE-2020-9008 json | Stored Cross-site scripting (XSS) vulnerability in Blackboard Learn/PeopleTool v9.1 allows users to inject arbitrary web scri... | 5.4 - MEDIUM | 2020-02-25 | 2020-03-09 |
| CVE-2018-13257 json | The bb-auth-provider-cas authentication module within Blackboard Learn 2018-07-02 is susceptible to HTTP host header spoofing... | 6.1 - MEDIUM | 2019-11-18 | 2019-11-25 |
| CVE-2017-18262 json | Blackboard Learn (Since at least 17th of October 2017) has allowed Unvalidated Redirects on any signed-in user through its en... | 6.1 - MEDIUM | 2018-04-30 | 2018-06-12 |
| CVE-2014-0811 json | Cross-site scripting (XSS) vulnerability in Blackboard Vista/CE 8.0 SP6 and earlier allows remote attackers to inject arbitra... | 4.3 - MEDIUM | 2014-02-22 | 2015-08-13 |
| CVE-2010-3245 json | The automated-backup functionality in Blackboard Transact Suite (formerly Blackboard Commerce Suite) stores the (1) database ... | 2.1 - LOW | 2010-09-07 | 2013-01-04 |
| CVE-2010-3244 json | BbtsConnection_Edit.exe in Blackboard Transact Suite (formerly Blackboard Commerce Suite) before 3.6.0.2 relies on field name... | 4.6 - MEDIUM | 2010-09-07 | 2010-09-08 |
| CVE-2008-3421 json | Multiple cross-site request forgery (CSRF) vulnerabilities in Blackboard Academic Suite 8.0.260.7 allow remote attackers to h... | Not Provided | 2008-07-31 | 2026-04-23 |
| CVE-2008-1883 json | The server in Blackboard Academic Suite 7.x stores MD5 password hashes that are provided directly by clients, which makes it ... | Not Provided | 2008-04-18 | 2026-04-23 |
| CVE-2008-1795 json | Multiple cross-site scripting (XSS) vulnerabilities in Blackboard Academic Suite 7.x and earlier, and possibly some 8.0 versi... | Not Provided | 2008-04-15 | 2026-04-23 |
| CVE-2007-5227 json | Multiple cross-site scripting (XSS) vulnerabilities in messaging/course/composeMessage.jsp in BlackBoard Learning System 6.3.... | Not Provided | 2007-10-05 | 2026-04-23 |
| CVE-2006-4308 json | Multiple cross-site scripting (XSS) vulnerabilities in Blackboard Learning System 6, Blackboard Learning and Community Portal... | 4.3 - MEDIUM | 2006-08-23 | 2018-10-17 |
| CVE-2006-3914 json | Cross-site scripting (XSS) vulnerability in Blackboard Academic Suite 6.2.3.23 allows remote authenticated users to inject ar... | 6 - MEDIUM | 2006-07-28 | 2018-10-17 |
| CVE-2006-0511 json | Blackboard Academic Suite 6.0 and earlier does not properly clear session information when de-authenticating a user who is id... | Not Provided | 2006-02-01 | 2025-04-03 |
| CVE-2005-4341 json | Blackboard Learning and Community Portal System in Academic Suite 6.3.1.424, 6.2.3.23, and other versions before 6 allows rem... | Not Provided | 2005-12-19 | 2025-04-03 |
| CVE-2005-4339 json | Cross-site scripting (XSS) vulnerability in Blackboard Learning and Community Portal System in Academic Suite 6.3.1.424, 6.2.... | Not Provided | 2005-12-19 | 2025-04-03 |
| CVE-2005-4338 json | announcement.pl in Blackboard Learning and Community Portal System in Academic Suite 6.3.1.424, 6.2.3.23, and other versions ... | Not Provided | 2005-12-19 | 2025-04-03 |
Known software with vulnerabilities from Blackboard
| Type | Vendor | Product | Version |
|---|---|---|---|
| Application | Blackboard | Blackboard Learn | 2018-07-02 |
| Application | Blackboard | Collaborate Ultra | 20.02 |
| Application | Blackboard | Transact Suite | - |
| Application | Blackboard | Vista/ce | 8.0 |