Unrated severityNVD Advisory· Published Mar 2, 2020· Updated Aug 6, 2024
CVE-2015-1583
CVE-2015-1583
Description
Multiple cross-site request forgery (CSRF) vulnerabilities in ATutor 2.2 allow remote attackers to hijack the authentication of administrators for requests that (1) create an administrator account via a request to mods/_core/users/admins/create.php or (2) create a user account via a request to mods/_core/users/create_user.php.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- ATutor/ATutordescription
Patches
Vulnerability mechanics
References
6- packetstormsecurity.com/files/130598/ATutor-LCMS-2.2-Cross-Site-Request-Forgery.htmlmitrex_refsource_MISC
- www.securityfocus.com/bid/72845mitrevdb-entryx_refsource_BID
- edricteo.com/cve-2015-1583-atutor-lcms-csrf-vulnerability/mitrex_refsource_MISC
- github.com/atutor/ATutor/commit/068b8aa37f24645c62235018fb8da340f60e2d18mitrex_refsource_CONFIRM
- github.com/atutor/ATutor/commit/0ee827317e497f1db86ddc5080b8af461e4595cemitrex_refsource_CONFIRM
- github.com/atutor/ATutor/commit/af519cfb56da7312eecbb5812484fcbce08e4419mitrex_refsource_CONFIRM
News mentions
0No linked articles in our index yet.