Vulnerabilities > Atutor > Low

DATE CVE VULNERABILITY TITLE RISK
2017-10-10 CVE-2015-6521 Cross-site Scripting vulnerability in Atutor 2.2
Multiple cross-site scripting (XSS) vulnerabilities in ATutor LMS version 2.2.
network
atutor CWE-79
3.5
3.5
2017-10-03 CVE-2017-14981 Cross-site Scripting vulnerability in Atutor
Cross-Site Scripting (XSS) was discovered in ATutor before 2.2.3.
network
atutor CWE-79
3.5
3.5
2014-03-02 CVE-2014-2091 Cross-Site Scripting vulnerability in Atutor 2.1.1
Cross-site scripting (XSS) vulnerability in mods/_standard/forums/admin/forum_add.php in ATutor 2.1.1 allows remote authenticated administrators to inject arbitrary web script or HTML via the title parameter in an add_forum action.
network
atutor CWE-79
3.5
3.5
2010-03-16 CVE-2010-0971 Cross-Site Scripting vulnerability in Atutor 1.6.4
Multiple cross-site scripting (XSS) vulnerabilities in ATutor 1.6.4 allow remote authenticated users, with Instructor privileges, to inject arbitrary web script or HTML via the (1) Question and (2) Choice fields in tools/polls/add.php, the (3) Type and (4) Title fields in tools/groups/create_manual.php, and the (5) Title field in assignments/add_assignment.php.
network
high complexity
atutor CWE-79
2.1
2.1