|Topic:||SQL injection in SCORM module|
|Versions affected:||<1.8.11 and <1.9.7|
|Reported by:||Andrea Tuccia|
|Solution:||upgrade to 1.8.11 or 1.9.7|
Andrea Tuccia discovered escaping issue when processing AICC CRS file (Course_Title). The problem is marked as minor because only trusted users are allow to upload SCORM packages.