Blackboard - Cross-Site Scripting

What is "Blackboard - Cross-Site Scripting?"

The "Blackboard - Cross-Site Scripting" module is designed to detect a cross-site scripting vulnerability in the Blackboard software. Blackboard is a popular learning management system used by educational institutions to deliver online courses and manage student information. This vulnerability allows an attacker to execute arbitrary scripts in the browser of an unsuspecting user, potentially leading to unauthorized access or data theft. The severity of this vulnerability is classified as high, with a CVSS score of 7.2.

This module was authored by r3naissance.

Impact

If successfully exploited, the cross-site scripting vulnerability in Blackboard can have serious consequences. An attacker can inject malicious scripts into web pages viewed by users, leading to various attacks such as session hijacking, defacement, or phishing. This can compromise the confidentiality, integrity, and availability of the affected system and its users' data.

How the module works?

The "Blackboard - Cross-Site Scripting" module works by sending HTTP requests to specific endpoints in the Blackboard application. It then analyzes the responses for specific patterns and conditions to determine if a cross-site scripting vulnerability exists.

For example, the module may send a GET request to the "/main/blank?message_success=<img src=c onerror=alert(8675309)>" endpoint and check if the response body contains the string "<img src=c onerror=alert(8675309)>". It also verifies that the response header includes the content type "text/html" and that the HTTP status code is 200.

If all the matching conditions are met, the module reports the presence of the cross-site scripting vulnerability in Blackboard.