Vulnerabilities > Atutor > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-03-28 | CVE-2023-27008 | Cross-site Scripting vulnerability in Atutor 2.2.1 A Cross-site scripting (XSS) vulnerability in the function encrypt_password() in login.tmpl.php in ATutor 2.2.1 allows remote attackers to inject arbitrary web script or HTML via the token parameter. | 6.1 |
| 2021-08-17 | CVE-2020-23341 | Cross-site Scripting vulnerability in Atutor A reflected cross site scripting (XSS) vulnerability in the /header.tmpl.php component of ATutor 2.2.4 allows attackers to execute arbitrary web scripts or HTML via a crafted payload. | 6.1 |
| 2019-01-29 | CVE-2019-7172 | Cross-site Scripting vulnerability in Atutor A stored-self XSS exists in ATutor through v2.2.4, allowing an attacker to execute HTML or JavaScript code in a vulnerable Real Name field to /mods/_core/users/admins/my_edit.php. | 6.1 |
| 2017-10-10 | CVE-2015-6521 | Cross-site Scripting vulnerability in Atutor 2.2 Multiple cross-site scripting (XSS) vulnerabilities in ATutor LMS version 2.2. | 5.4 |
| 2017-10-03 | CVE-2017-14981 | Cross-site Scripting vulnerability in Atutor Cross-Site Scripting (XSS) was discovered in ATutor before 2.2.3. | 5.4 |
| 2017-08-31 | CVE-2015-7711 | Cross-site Scripting vulnerability in Atutor Cross-site scripting (XSS) vulnerability in popuphelp.php in ATutor 2.2 and earlier allows remote attackers to inject arbitrary web script or HTML via the h parameter. | 6.1 |
| 2017-03-05 | CVE-2017-6483 | Cross-site Scripting vulnerability in Atutor Multiple Cross-Site Scripting (XSS) issues were discovered in ATutor 2.2.2. | 6.1 |