Description

ATutor versions 2.2.1 and earlier are vulnerable to an incorrect access control check vulnerability in the Social Application component resulting in privilege escalation. ATutor versions 2.2.1 and earlier are vulnerable to an incorrect access control check vulnerability in the Module component resulting in privilege escalation. ATutor versions 2.2.1 and earlier are vulnerable to a incorrect access control check vulnerability in the Alternative Content component resulting in privilege escalation.

Remediation

References

CVE-2017-1000003

Related Vulnerabilities

Apache HTTP Server Uncontrolled Resource Consumption Vulnerability (CVE-2009-1890)

WordPress Plugin YITH Advanced Refund System for WooCommerce Security Bypass (1.0.10)

AngularJS Improper Input Validation Vulnerability (CVE-2019-10768)

WordPress Plugin Podlove Podcast Publisher Cross-Site Request Forgery (3.8.3)

Envoy Wrong DOWNSTREAM_REMOTE_ADDRESS logged Issue (CVE-2020-35470)

Severity

Critical

Classification

CVE-2017-1000003 CWE-269 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Tags

Missing Update Known Vulnerabilities