Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Multiple cross-site scripting (XSS) vulnerabilities in ATutor before 1.5.3 allow remote attackers to inject arbitrary web script or HTML via the (1) show_courses or (2) current_cat parameters to (a) admin/create_course.php, show_courses parameter to (b) users/create_course.php, (3) p parameter to (c) documentation/admin/, (4) forgot parameter to (d) password_reminder.php, (5) cat parameter to (e) users/browse.php, or the (6) submit parameter to admin/fix_content.php.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
ATutor多个跨站脚本攻击(XSS) 漏洞
Vulnerability Description
ATutor 1.5.3之前版本存在多个跨站脚本攻击(XSS) 漏洞。远程攻击者可以借助对(a) admin/create_course.php的(1) show_courses 或(2) current_cat参数, 对的(b) users/create_course.php的show_courses 参数, (3)对(c) documentation/admin/的p参数,(4)对(d) password_reminder.php的forgot 参数, (5)对(e) users/browse.php
CVSS Information
N/A
Vulnerability Type
N/A