Blackboard Blackboard Learn — known CVE vulnerabilities
Every CVE whose affected-product data names Blackboard Blackboard Learn, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (6)
CVE-2022-39196 — CVSS 6.5 (medium): Blackboard Learn 1.10.1 allows remote authenticated users to read unintended files by entering student credentials and then directly…
CVE-2017-18262 — CVSS 6.1 (medium): Blackboard Learn (Since at least 17th of October 2017) has allowed Unvalidated Redirects on any signed-in user through its endpoints for…
CVE-2018-13257 — CVSS 6.1 (medium): The bb-auth-provider-cas authentication module within Blackboard Learn 2018-07-02 is susceptible to HTTP host header spoofing during…
CVE-2020-9008 — CVSS 5.4 (medium): Stored Cross-site scripting (XSS) vulnerability in Blackboard Learn/PeopleTool v9.1 allows users to inject arbitrary web script via the…
CVE-2021-36746 — CVSS 5.4 (medium): Blackboard Learn through 9.1 allows XSS by an authenticated user via the Assignment Instructions HTML editor.