VYPR
Medium severity5.4NVD Advisory· Published Oct 3, 2017· Updated Jun 17, 2026

CVE-2017-14981

CVE-2017-14981

Description

Cross-Site Scripting (XSS) was discovered in ATutor before 2.2.3. The vulnerability exists due to insufficient filtration of data (url in /mods/_standard/rss_feeds/edit_feed.php). An attacker could inject arbitrary HTML and script code into a browser in the context of the vulnerable website.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2
  • Atutor/Atutor2 versions
    cpe:2.3:a:atutor:atutor:*:*:*:*:*:*:*:*+ 1 more
    • cpe:2.3:a:atutor:atutor:*:*:*:*:*:*:*:*range: <=2.2.2
    • (no CPE)range: <2.2.3

Patches

Vulnerability mechanics

References

2

News mentions

0

No linked articles in our index yet.