CVE-2005-4206

Name of the Vulnerable Software and Affected Versions Blackboard Learning and Community Portal System versions prior to 6

Description The issue allows remote attackers to redirect users to other URLs and conduct phishing attacks via a modified url parameter to "frameset.jsp", which loads the URL into a frame and causes it to appear to be part of a valid page.

Recommendations For versions prior to 6, consider restricting access to the "frameset.jsp" page or modifying the url parameter handling to prevent redirection to unauthorized URLs. As a temporary workaround, avoid using the url parameter in the affected "frameset.jsp" page until a patch is available.