Moodle mod_scorm Availability Date Bypass Vulnerability

Moodle mod_scorm Availability Date Bypass Vulnerability

CVE-2015-5341 · MEDIUM Severity

AV:N/AC:L/AU:S/C:P/I:N/A:N

mod_scorm in Moodle through 2.6.11, 2.7.x before 2.7.11, 2.8.x before 2.8.9, and 2.9.x before 2.9.3 mishandles availability dates, which allows remote authenticated users to bypass intended access restrictions and read SCORM contents via unspecified vectors.

Learn more about our User Device Pen Test.