CVE-2008-3421

Published: Jul 31, 2008Modified: Apr 23, 2026

4.3

Vector

AV:N/AC:M/Au:N/C:N/I:P/A:N

Exploitability: 8.6 / Impact: 2.9

Source: NVD

Description

Multiple cross-site request forgery (CSRF) vulnerabilities in Blackboard Academic Suite 8.0.260.7 allow remote attackers to hijack the authentication of student users for requests that change configuration and enrollments via unspecified input to (1) update_module.jsp, (2) enroll_course.pl, and (3) unenroll.jsp.

Affected (1)

Products: Blackboard: Blackboard Academic Suite

1 product

Blackboard Academic Suite

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Blackboard Blackboard Academic Suite	Version 8.0.260.7

Related CWEs

Cross-Site Request Forgery (CSRF)

The web application does not, or can not, sufficiently verify whether a well-formed, valid, consistent request was intentionally provided by the user who submitted the request.

References (8)

http://ceaseless.ws/bb-csrf/

Source: cve@mitre.org

URL Repurposed

http://secunia.com/advisories/31177

Source: cve@mitre.org

Vendor Advisory

http://www.securitytracker.com/id?1020559

Source: cve@mitre.org

https://exchange.xforce.ibmcloud.com/vulnerabilities/43986

Source: cve@mitre.org

http://ceaseless.ws/bb-csrf/

Source: af854a3a-2127-422b-91ae-364da2661108

URL Repurposed

http://secunia.com/advisories/31177

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

http://www.securitytracker.com/id?1020559

Source: af854a3a-2127-422b-91ae-364da2661108

https://exchange.xforce.ibmcloud.com/vulnerabilities/43986

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.