Lucene search

K

GoogleOSV:GHSA-C2R4-F8QV-2V7V

HistoryMay 13, 2022 - 1:12 a.m.

Moodle allows attackers to read SCORM contents

2022-05-1301:12:49

Google

osv.dev

7

moodle

scorm

access vulnerability

remote users

AI Score

6.2

Confidence

Low

EPSS

0.001

Percentile

34.9%

mod_scorm in Moodle through 2.6.11, 2.7.x before 2.7.11, 2.8.x before 2.8.9, and 2.9.x before 2.9.3 mishandles availability dates, which allows remote authenticated users to bypass intended access restrictions and read SCORM contents via unspecified vectors.

References

git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-50837

github.com/moodle/moodle

github.com/moodle/moodle/commit/03b1f63d40d09c206f641b246110c2371d3068a2

github.com/moodle/moodle/commit/3d58fd5841308018b32ca78206c74f27c4d4b9c3

github.com/moodle/moodle/commit/5f65bb2e436620f9026b363484294299c2327740

github.com/moodle/moodle/commit/d01512e36c449f52ddc5e41db567d8f375fc153d

github.com/moodle/moodle/commit/d28eedd5363b4f081f9e66d0c9014d84792a89d7

github.com/moodle/moodle/commit/f1178ebcd9cf1c149892335c52f6ccad066e3e05

github.com/moodle/moodle/commit/fe9bd2b8bb73e958067f2bdb227a8d0e7cffbcda

moodle.org/mod/forum/discuss.php?d=323236

nvd.nist.gov/vuln/detail/CVE-2015-5341

AI Score

6.2

Confidence

Low

EPSS

0.001

Percentile

34.9%

Related for OSV:GHSA-C2R4-F8QV-2V7V

nvd1 github1 ubuntucve1 veracode1 prion1 cvelist1 cve1 nessus3 openvas2 mageia1 fedora2