Posted by Curesec Research Team (CRT) on Feb 03

Security Advisory – Curesec Research Team

1. Introduction

Affected Product: Atutor 2.2
Fixed in: partly in ATutor 2.2.1-RC1, complete in 2.2.1
Fixed Version Link: http://www.atutor.ca/atutor/download.php
Vendor Website: http://www.atutor.ca/
Vulnerability Type: XSS
Remote Exploitable: Yes
Reported to vendor: 11/17/2015
Disclosed to public: 02/01/2016
Release mode: Coordinated Release
CVE: n/a…