CVE-2026-6909 | ATutor 2.2.4 URL /install/upgrade.php cross site scripting

A vulnerability was found in ATutor 2.2.4 and classified as problematic. This affects an unknown function of the file /install/upgrade.php of the component URL Handler. Executing a manipulation can lead to cross site scripting. This vulnerability only affects products that are no longer supported by the maintainer.

This vulnerability is registered as CVE-2026-6909. It is possible to launch the attack remotely. No exploit is available.VulDB Recent EntriesRead More