Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2004-2015

Overview

Vulnerability Score 4.3 4.3
CVE Id CVE-2004-2015
Last Modified 05 Sep 2008 04:42:58
Published 31 Dec 2004 12:00:00
Confidentiality Impact NONE NONE
Integrity Impact PARTIAL PARTIAL
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2004-2015

Summary

Cross-site scripting (XSS) vulnerability in WebCT Campus Edition allows remote attackers to inject arbitrary HTML or web script via (1) iframe, (2) img, or (3) object tags.

Vulnerable Systems

Application

  • Webct Campus 4.0

  • Webct Campus 4.0 Sp3 Hotfix 40833

  • Webct Campus 4.1

  • Webct Campus 4.1 Sp2 Hotfix 40832

  • Webct Campus 4.1.1.5


References

XF - webct-iframe-img-tags-xss(16156)

BID - 10357

BUGTRAQ - 20040517 WebCT: Cross Site Scripting Vulnerability

FULLDISC - 20040516 WebCT: Cross Site Scripting Vulnerability


Last Updated: 27 May 2016 10:39:17