CVE-2020-25902

Name of the Vulnerable Software and Affected Versions: Blackboard Collaborate Ultra version 20.02

Description: The issue concerns a cross-site scripting (XSS) vulnerability. This vulnerability allows the execution of an XSS payload in the classroom, potentially leading to the theft of cookies from users who join the class. Third-party sources dispute the validity of this entry, suggesting it might be a false positive.

Recommendations: For Blackboard Collaborate Ultra version 20.02, consider disabling the execution of scripts in the classroom as a temporary workaround until the issue is resolved. Restrict access to sensitive user data to minimize the risk of exploitation. Avoid using the platform for sensitive activities until the vulnerability is addressed. At the moment, there is no information about a newer version that contains a fix for this vulnerability.