CVE-2005-1076
WebCT Campus Edition 4.1 - Stored Cross-Site Scripting via Discussion Board Message Field
Title source: llmExploitation Summary
EIP tracks 1 public exploit for CVE-2005-1076. PoCs published by lacertosum.
AI-analyzed exploit summary This exploit demonstrates an HTML injection vulnerability in WebCT 4.1, where user-supplied input is not properly sanitized, allowing for XSS attacks. The provided code snippet includes a proof-of-concept for injecting JavaScript via a table background attribute.
Description
Cross-site scripting (XSS) vulnerability in the discussion board functionality for WebCT Campus Edition 4.1 allows remote attackers to inject arbitrary web script or HTML via the message field.
Exploits (1)
This exploit demonstrates an HTML injection vulnerability in WebCT 4.1, where user-supplied input is not properly sanitized, allowing for XSS attacks. The provided code snippet includes a proof-of-concept for injecting JavaScript via a table background attribute.