CVE-2018-13257

MEDIUM

Blackboard Learn - Open Redirect via HTTP Host Header Spoofing

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2018-13257. PoCs published by gluxon.

AI-analyzed exploit summary This PoC demonstrates a host header spoofing vulnerability in Blackboard Learn's CAS authentication module, allowing an attacker to authenticate as a victim user by manipulating the service ticket validation process.

Description

The bb-auth-provider-cas authentication module within Blackboard Learn 2018-07-02 is susceptible to HTTP host header spoofing during Central Authentication Service (CAS) service ticket validation, enabling a phishing attack from the CAS server login page.

Exploits (1)

nomisec WORKING POC 1 stars

by gluxon · poc

https://github.com/gluxon/CVE-2018-13257

View Code ZIP pw:eip

This PoC demonstrates a host header spoofing vulnerability in Blackboard Learn's CAS authentication module, allowing an attacker to authenticate as a victim user by manipulating the service ticket validation process.

Classification

Working Poc 95%

Attack Type

Auth Bypass

Complexity

Moderate

Reliability

Reliable

Target: Blackboard Learn (CAS authentication module)

No auth needed

Prerequisites: Blackboard Learn instance configured with CAS authentication · Malicious website set up to authenticate with the same CAS server

MITRE ATT&CK

T1189 - Drive-by Compromise T1190 - Exploit Public-Facing Application

devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (1)

Core 1

Core References

Exploit, Third Party Advisory x_refsource_misc

https://github.com/gluxon/CVE-2018-13257

Scores

CVSS v3 6.1

EPSS 0.0284

EPSS Percentile 86.4%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Details

CWE

CWE-601

Status published

Products (1)

blackboard/blackboard_learn 2018-07-02

Published Nov 18, 2019

Tracked Since Feb 18, 2026