Description

mod_scorm in Moodle through 2.6.11, 2.7.x before 2.7.11, 2.8.x before 2.8.9, and 2.9.x before 2.9.3 mishandles availability dates, which allows remote authenticated users to bypass intended access restrictions and read SCORM contents via unspecified vectors.

Remediation

References

CVE-2015-5341

Related Vulnerabilities

MySQL CVE-2022-21595 Vulnerability (CVE-2022-21595)

Joomla! Core 1.5.x Multiple Cross-Site Scripting Vulnerabilities (1.5.0 - 1.5.20)

Apache HTTP Server CVE-2018-1283 Vulnerability (CVE-2018-1283)

WordPress 4.2.x Multiple Vulnerabilities (4.2 - 4.2.33)

WordPress Plugin 123devis-affiliation Cross-Site Scripting (1.0.4)

Severity

Medium

Classification

CVE-2015-5341 CWE-264 CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N

Tags

Missing Update Known Vulnerabilities