Atutor : Security Vulnerabilities, CVEs, Published In 2017 (XSS)
Cross-Site Scripting (XSS) was discovered in ATutor before 2.2.3. The vulnerability exists due to insufficient filtration of data (url in /mods/_standard/rss_feeds/edit_feed.php). An attacker could inject arbitrary HTML and script code into a browser in the context of the vulnerable website.
Max CVSS
5.4
EPSS Score
0.05%
Published
2017-10-03
Updated
2017-10-11
Multiple Cross-Site Scripting (XSS) issues were discovered in ATutor 2.2.2. The vulnerabilities exist due to insufficient filtration of user-supplied data passed to several pages (lang_code in themes/*/admin/system_preferences/language_edit.tmpl.php). An attacker could execute arbitrary HTML and script code in a browser in the context of the vulnerable website.
Max CVSS
6.1
EPSS Score
0.11%
Published
2017-03-05
Updated
2017-03-08
Cross-site scripting (XSS) vulnerability in popuphelp.php in ATutor 2.2 and earlier allows remote attackers to inject arbitrary web script or HTML via the h parameter.
Max CVSS
6.1
EPSS Score
0.52%
Published
2017-08-31
Updated
2019-05-02
Multiple cross-site scripting (XSS) vulnerabilities in ATutor LMS version 2.2.
Max CVSS
5.4
EPSS Score
0.05%
Published
2017-10-10
Updated
2017-10-27
4 vulnerabilities found