Unrated severityNVD Advisory· Published Apr 8, 2022· Updated Aug 4, 2024
CVE-2021-43498
CVE-2021-43498
Description
An Access Control vulnerability exists in ATutor 2.2.4 in password_reminder.php when the g, id, h, form_password_hidden, and form_change HTTP POST parameters are set.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
1Patches
Vulnerability mechanics
References
2- github.com/atutor/ATutor/blob/master/password_reminder.phpmitrex_refsource_MISC
- packetstormsecurity.com/files/157563/ATutor-LMS-2.2.4-Weak-Password-Reset-Hash.htmlmitrex_refsource_MISC
News mentions
0No linked articles in our index yet.