VulnCheck KEV: CVE-2023-27008

A Cross-site scripting XSS vulnerability in the function encryptpassword in login.tmpl.php in ATutor 2.2.1 allows remote attackers to inject arbitrary web script or HTML via the token parameter...

ATutor 跨站脚本漏洞

ATutor is a set of open source Web-based learning content management system LCMS by the Atutor team. The system includes modules for teaching content management, forums, chat rooms, and so on. A security vulnerability exists in ATutor version 2.2.1, which originated from the discovery of a...

PT-2023-20892 · Atutor · Atutor

Name of the Vulnerable Software and Affected Versions: ATutor version 2.2.1 Description: A Cross-site scripting XSS issue exists in the encrypt password function in login.tmpl.php, allowing remote attackers to inject arbitrary web script or HTML via the token parameter. Recommendations: For ATuto...

CVE-2017-12317

The Cisco AMP For Endpoints application allows an authenticated, local attacker to access a static key value stored in the local application software. The vulnerability is due to the use of a static key value stored in the application used to encrypt the connector protection password. An attacker...