4 matches found
VulnCheck KEV: CVE-2023-27008
A Cross-site scripting XSS vulnerability in the function encryptpassword in login.tmpl.php in ATutor 2.2.1 allows remote attackers to inject arbitrary web script or HTML via the token parameter...
PT-2023-20892 · Atutor · Atutor
Name of the Vulnerable Software and Affected Versions: ATutor version 2.2.1 Description: A Cross-site scripting XSS issue exists in the encrypt password function in login.tmpl.php, allowing remote attackers to inject arbitrary web script or HTML via the token parameter. Recommendations: For ATuto...
ATutor 跨站脚本漏洞
ATutor is a set of open source Web-based learning content management system LCMS by the Atutor team. The system includes modules for teaching content management, forums, chat rooms, and so on. A security vulnerability exists in ATutor version 2.2.1, which originated from the discovery of a...
CVE-2017-12317
The Cisco AMP For Endpoints application allows an authenticated, local attacker to access a static key value stored in the local application software. The vulnerability is due to the use of a static key value stored in the application used to encrypt the connector protection password. An attacker...