Required CVE Record Information
Description
Cross-site scripting (XSS) vulnerability in popuphelp.php in ATutor 2.2 and earlier allows remote attackers to inject arbitrary web script or HTML via the h parameter.
References 4 Total
- seclists.org: 20151104 [KIS-2015-07] ATutor <= 2.2 (popuphelp.php) Reflected Cross-Site Scripting Vulnerability mailing-list
- http://packetstormsecurity.com/files/134217/ATutor-2.2-Cross-Site-Scripting.html
- http://karmainsecurity.com/KIS-2015-07
- securityfocus.com: 20151104 [KIS-2015-07] ATutor <= 2.2 (popuphelp.php) Reflected Cross-Site Scripting Vulnerability mailing-list
Updated:
This container includes required additional information provided by the CVE Program for this vulnerability.
References 4 Total
- seclists.org: 20151104 [KIS-2015-07] ATutor <= 2.2 (popuphelp.php) Reflected Cross-Site Scripting Vulnerability mailing-listx_transferred
- http://packetstormsecurity.com/files/134217/ATutor-2.2-Cross-Site-Scripting.html x_transferred
- http://karmainsecurity.com/KIS-2015-07 x_transferred
- securityfocus.com: 20151104 [KIS-2015-07] ATutor <= 2.2 (popuphelp.php) Reflected Cross-Site Scripting Vulnerability mailing-listx_transferred