Cross-site scripting (XSS) vulnerability in ATutor 1.5.1 allows remote attackers to inject arbitrary web script or HTML via (1) course parameter in login.php or (2) words parameter in search.php.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Atutor | Adaptive_technology_resource_centre | 1.5.1 (including) | 1.5.1 (including) |