CVE Catalog
CVE-2024-51367
CriticalCVSS 9.8Exploitation Probability (EPSS)
Elevated risk0.75%
50th percentile - higher than 50% of all known CVEs
Summary
An arbitrary file upload vulnerability in the \Users\username.BlackBoard component of BlackBoard v2.0.0.2 allows attackers to upload a crafted .xml file, leading to arbitrary code execution.
Risk Assessment
The risk includes full server compromise, data theft, or further attacks on internal infrastructure.
Recommendation
Immediately update BlackBoard to the latest version and implement file type validation and upload restrictions on the server.
Original NVD description (English source)
An arbitrary file upload vulnerability in the component \Users\username.BlackBoard of BlackBoard v2.0.0.2 allows attackers to execute arbitrary code via uploading a crafted .xml file.

