N/A

ATutor versions 2.2.1 and earlier are vulnerable to an incorrect access control check vulnerability in the Social Application component resulting in privilege escalation. ATutor versions 2.2.1 and earlier are vulnerable to an incorrect access control check vulnerability in the Module component resulting in privilege escalation. ATutor versions 2.2.1 and earlier are vulnerable to a incorrect access control check vulnerability in the Alternative Content component resulting in privilege escalation.

N/A

N/A

ATutor Social Application组件权限许可和访问控制问题漏洞

ATutor是ATutor团队开发的一套开源的基于Web的学习内容管理系统（LCMS）。该系统包括教学内容管理、论坛、聊天室等模块。Social Application component是其中的一个社交应用程序组件。 ATutor 2.2.1及之前的版本中Social Application组件存在提权漏洞。远程攻击者可利用该漏洞提升权限。

N/A

N/A