Blackboard · Webct Campus Edition · CVE-2004-1872
**Name of the Vulnerable Software and Affected Versions**
WebCT Campus Edition version 4.1.1.5
**Description**
A cross-site scripting issue allows remote attackers to inject arbitrary web script or HTML via the `@import` URL function in a CSS style tag.
**Recommendations**
For WebCT Campus Edition version 4.1.1.5, consider disabling the `@import` URL function in CSS style tags as a temporary workaround until a patch is available.