CVE-2006-3821
ATutor 1.5.3 is affected by multiple XSS flaws (CVE-2006-3821). The vulnerabilities allow remote attackers to inject arbitrary web script or HTML via the (1) lang parameter in index_list.php and (2) year, (3) month, and (4) day parameters in registration.php. The NVD entry reports a CVSS v2 base ...