mod_scorm in Moodle up to and including 2.6.11, 2.7.x prior to 2.7.11, 2.8.x prior to 2.8.9, and 2.9.x prior to 2.9.3 mishandles availability dates, which allows remote authenticated users to bypass intended access restrictions and read SCORM contents via unspecified vectors.
| Vulnerable Product | Search on Vulmon | Subscribe to Product |
|---|---|---|
moodle moodle 2.9.1 |
||
moodle moodle 2.9.0 |
||
moodle moodle 2.8.8 |
||
moodle moodle 2.8.7 |
||
moodle moodle 2.7.3 |
||
moodle moodle 2.7.2 |
||
moodle moodle 2.7.10 |
||
moodle moodle 2.7.1 |
||
moodle moodle 2.8.2 |
||
moodle moodle 2.8.1 |
||
moodle moodle 2.8.0 |
||
moodle moodle 2.7.9 |
||
moodle moodle 2.9.2 |
||
moodle moodle 2.8.6 |
||
moodle moodle 2.8.4 |
||
moodle moodle 2.7.7 |
||
moodle moodle 2.7.5 |
||
moodle moodle |
||
moodle moodle 2.8.5 |
||
moodle moodle 2.8.3 |
||
moodle moodle 2.7.8 |
||
moodle moodle 2.7.6 |
||
moodle moodle 2.7.4 |
||
moodle moodle 2.7.0 |
Vulmon