Knight4Vn

**Name of the Vulnerable Software and Affected Versions** Blackboard Academic Suite versions 7.x **Description** The issue allows remote attackers to access accounts more easily by modifying the client to skip the javascript/md5.js hash calculation and send an arbitrary MD5 string instead. This is because the server stores MD5 password hashes provided directly by clients. **Recommendations** For Blackboard Academic Suite versions 7.x, consider disabling the direct acceptance of MD5 password hashes from clients as a temporary workaround until a patch is available. Restrict access to sensitive areas of the application to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.