Description
Cross-Site Scripting (XSS) was discovered in ATutor before 2.2.3. The vulnerability exists due to insufficient filtration of data (url in /mods/_standard/rss_feeds/edit_feed.php). An attacker could inject arbitrary HTML and script code into a browser in the context of the vulnerable website.
Remediation
References
Related Vulnerabilities
Apache Tomcat Other Vulnerability (CVE-2002-0935)
WordPress Plugin Youtube Channel Gallery Cross-Site Scripting (2.4)
PHP NULL Pointer Dereference Vulnerability (CVE-2020-7062)
Oracle JRE CVE-2013-2423 Vulnerability (CVE-2013-2423)
WordPress Plugin Fusion:Extension-Gallery Multiple Unspecified Vulnerabilities (1.0.4)