VulnerableCode Vulnerability Details

Staging Environment: Content and features may be unstable or change without notice.

Search for vulnerabilities

Vulnerability details: VCID-v6ha-ekxw-7bfr

Vulnerability ID	VCID-v6ha-ekxw-7bfr
Aliases	CVE-2015-3275 GHSA-6922-5v25-p8jg
Summary	Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Multiple cross-site scripting (XSS) vulnerabilities in the SCORM module in Moodle through 2.6.11, 2.7.x before 2.7.9, 2.8.x before 2.8.7, and 2.9.x before 2.9.1 allow remote attackers to inject arbitrary web script or HTML via a crafted organization name to (1) mod/scorm/player.php or (2) mod/scorm/prereqs.php.
Status	Published
Exploitability	None
Weighted Severity	None
Risk	None
Affected and Fixed Packages	Package Details

Weaknesses (3)

CWE-1035	OWASP Top Ten 2017 Category A9 - Using Components with Known Vulnerabilities
CWE-79	Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CWE-937	OWASP Top Ten 2013 Category A9 - Using Components with Known Vulnerabilities

System	Score	Found at
There are no known severity scores.

Reference id	Reference type	URL
		http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-50614
		http://openwall.com/lists/oss-security/2015/07/13/2
		https://github.com/moodle/moodle/commit/46460a23035ad35caa50c2083ce6327f7723002e
		https://github.com/moodle/moodle/commit/476e97f280f5fa146f3ab676dd6f07de481ad9e8
		https://github.com/moodle/moodle/commit/d942f0311c0d4d8200b9d3244cc8847046abc32e
		https://github.com/moodle/moodle/commit/f3e7afedb96e2637a30d9bebd5fa98d45eca5f55
		https://moodle.org/mod/forum/discuss.php?d=316665
		https://web.archive.org/web/20150924032214/http://www.securitytracker.com/id/1032877
CVE-2015-3275		https://nvd.nist.gov/vuln/detail/CVE-2015-3275
GHSA-6922-5v25-p8jg		https://github.com/advisories/GHSA-6922-5v25-p8jg

No exploits are available.

There are no known vectors.

No EPSS data available for this vulnerability.

Date	Actor	Action	Source	VulnerableCode Version
2026-06-02T04:43:04.124566+00:00	GitLab Importer	Import	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/moodle/moodle/CVE-2015-3275.yml	38.6.0