4.3
CVSSv2

CVE-2008-0828

Published: 19/02/2008 Updated: 15/10/2018
CVSS v2 Base Score: 4.3 | Impact Score: 2.9 | Exploitability Score: 8.6
VMScore: 383
Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N

Vulnerability Summary

Multiple cross-site scripting (XSS) vulnerabilities in ATutor 1.5.5 and previous versions allow remote malicious users to inject arbitrary web script or HTML via (1) attributes such as style and onmouseover in (a) forum post or (b) mail; or (2) the website field of the profile.

Vulnerability Trend

Affected Products

Vendor Product Versions
AtutorAtutor0.9.6, 0.9.7, 1.0, 1.2.1, 1.2.2, 1.3, 1.3.1, 1.3.2, 1.3.3, 1.4, 1.4.1, 1.4.2, 1.4.3, 1.5.1, 1.5.2, 1.5.3, 1.5.3.1, 1.5.3.2, 1.5.4, 1.5.5