Description

ATutor versions 2.2.1 and earlier are vulnerable to an incorrect access control check vulnerability in the Social Application component resulting in privilege escalation. ATutor versions 2.2.1 and earlier are vulnerable to an incorrect access control check vulnerability in the Module component resulting in privilege escalation. ATutor versions 2.2.1 and earlier are vulnerable to a incorrect access control check vulnerability in the Alternative Content component resulting in privilege escalation.

Remediation

References

CVE-2017-1000003

Related Vulnerabilities

Apache Tomcat Insufficiently Protected Credentials Vulnerability (CVE-2019-12418)

WordPress Plugin Twitter Cards Meta Multiple Vulnerabilities (2.4.5)

XOOPS Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-16683)

Magento CVE-2019-8122 Vulnerability (CVE-2019-8122)

WordPress Plugin CF7 Invisible reCAPTCHA Cross-Site Scripting (1.3.1)

Severity

Critical

Classification

CVE-2017-1000003 CWE-269 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

Tags

Missing Update Known Vulnerabilities