mod_scorm in Moodle through 2.6.11, 2.7.x before 2.7.11, 2.8.x before 2.8.9, and 2.9.x before 2.9.3 mishandles availability dates, which allows remote authenticated users to bypass intended access restrictions and read SCORM contents via unspecified vectors.
git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-50837
github.com/moodle/moodle
github.com/moodle/moodle/commit/03b1f63d40d09c206f641b246110c2371d3068a2
github.com/moodle/moodle/commit/3d58fd5841308018b32ca78206c74f27c4d4b9c3
github.com/moodle/moodle/commit/5f65bb2e436620f9026b363484294299c2327740
github.com/moodle/moodle/commit/d01512e36c449f52ddc5e41db567d8f375fc153d
github.com/moodle/moodle/commit/d28eedd5363b4f081f9e66d0c9014d84792a89d7
github.com/moodle/moodle/commit/f1178ebcd9cf1c149892335c52f6ccad066e3e05
github.com/moodle/moodle/commit/fe9bd2b8bb73e958067f2bdb227a8d0e7cffbcda
moodle.org/mod/forum/discuss.php?d=323236
nvd.nist.gov/vuln/detail/CVE-2015-5341