Description

Cross-site scripting (XSS) vulnerability in popuphelp.php in ATutor 2.2 and earlier allows remote attackers to inject arbitrary web script or HTML via the h parameter.

Remediation

References

CVE-2015-7711

Related Vulnerabilities

Python Cryptographic Issues Vulnerability (CVE-2012-1150)

Joomla! Core 3.x.x Security Bypass (3.0.0 - 3.9.15)

OpenSSL Possible denial of service attack Vulnerability (CVE-2020-1971)

Internet Information Services Other Vulnerability (CVE-2000-0457)

TYPO3 Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2011-4614)

Severity

Medium

Classification

CVE-2015-7711 CWE-707 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Tags

Missing Update Known Vulnerabilities