ATutor versions 2.2.1 and earlier are vulnerable to an incorrect access control check vulnerability in the Social Application component resulting in privilege escalation. ATutor versions 2.2.1 and earlier are vulnerable to an incorrect access control check vulnerability in the Module component resulting in privilege escalation. ATutor versions 2.2.1 and earlier are vulnerable to a incorrect access control check vulnerability in the Alternative Content component resulting in privilege escalation.

References

• https://nvd.nist.gov/vuln/detail/CVE-2017-1000003
• http://www.atutor.ca/atutor/mantis/changelog_page.php?version_id=55
• http://www.atutor.ca/atutor/mantis/view.php?id=5681
• http://www.securityfocus.com/bid/99599