Kyle Timmermans

**Name of the Vulnerable Software and Affected Versions** Blackboard Learn/PeopleTool version 9.1 **Description** A stored Cross-site scripting (XSS) issue allows users to inject arbitrary web script via the Tile widget in the People Tool profile editor. This could potentially affect a significant number of devices, but the exact number is not specified. **Recommendations** For Blackboard Learn/PeopleTool version 9.1, consider disabling the Tile widget in the People Tool profile editor until a patch is available to prevent exploitation of the stored XSS issue.