Description

mod_scorm in Moodle through 2.6.11, 2.7.x before 2.7.11, 2.8.x before 2.8.9, and 2.9.x before 2.9.3 mishandles availability dates, which allows remote authenticated users to bypass intended access restrictions and read SCORM contents via unspecified vectors.

Remediation

References

CVE-2015-5341

Related Vulnerabilities

Mailman Insufficiently Protected Credentials Vulnerability (CVE-2021-43332)

Django Incorrect Regular Expression Vulnerability (CVE-2018-7537)

WordPress Plugin Coming Soon Page, Under Construction & Maintenance Mode by SeedProd Cross-Site Scripting (5.1.0)

MySQL CVE-2014-6559 Vulnerability (CVE-2014-6559)

SugarCRM Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2019-17296)

Severity

Medium

Classification

CVE-2015-5341 CWE-264 CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

Tags

Missing Update Known Vulnerabilities