VYPR
Unrated severityOSV Advisory· Published Jan 29, 2019· Updated Sep 17, 2024

CVE-2019-7172

CVE-2019-7172

Description

A stored-self XSS exists in ATutor through v2.2.4, allowing an attacker to execute HTML or JavaScript code in a vulnerable Real Name field to /mods/_core/users/admins/my_edit.php.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2
  • Atutor/AtutorOSV2 versions
    atutor_1_4_2, atutor_1_5, atutor_1_5_1, …+ 1 more
    • (no CPE)range: atutor_1_4_2, atutor_1_5, atutor_1_5_1, …
    • (no CPE)range: <=2.2.4

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.