Description

mod_scorm in Moodle through 2.6.11, 2.7.x before 2.7.11, 2.8.x before 2.8.9, and 2.9.x before 2.9.3 mishandles availability dates, which allows remote authenticated users to bypass intended access restrictions and read SCORM contents via unspecified vectors.

Remediation

References

CVE-2015-5341

Related Vulnerabilities

WordPress Plugin Slider Revolution Responsive Local File Inclusion (4.1.4)

MySQL CVE-2021-2166 Vulnerability (CVE-2021-2166)

MySQL Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2016-8286)

WordPress Plugin Easy Forms for Mailchimp Cross-Site Scripting (5.0.6)

Apache HTTP Server Improper Handling of Case Sensitivity Vulnerability (CVE-2001-0766)

Severity

Medium

Classification

CVE-2015-5341 CWE-264 CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

Tags

Missing Update Known Vulnerabilities