exploit-db-mirror/exploits/jsp/webapps/26778.txt

source: https://www.securityfocus.com/bid/15814/info

Blackboard Academic Suite is prone to a cross-domain frameset-loading vulnerability.

Successful exploitation may result in various attacks, such as information disclosure and session hijacking. An attacker may also be able to exploit this vulnerability to carry out phishing-style attacks.

Blackboard Academic Suite version 6.0 is reportedly affected by this issue.

http://www.example.com/webapps/portal/frameset.jsp?tab_id=[tabid]&url=[url]