CVE-2018-1135

See a problem?
Please try reporting it to the source first.
Source
https://nvd.nist.gov/vuln/detail/CVE-2018-1135
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2018-1135.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2018-1135
Aliases
Related
Published
2018-05-25T12:29:00Z
Modified
2024-09-03T02:06:04.705921Z
Severity
  • 6.5 (Medium) CVSS_V3 - CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N CVSS Calculator
Summary
[none]
Details

An issue was discovered in Moodle 3.x. Students who posted on forums and exported the posts to portfolios can download any stored Moodle file by changing the download URL.

References

Affected packages

Git / github.com/moodle/moodle

Affected ranges

Type
GIT
Repo
https://github.com/moodle/moodle
Events
Introduced
b182239f21c38ea57cddb41b0c03ef3eb02709f8
Last affected
2a591e36a9783c364d1c55d8988b5630d073bc93
Introduced
665c3ac59c35b7387a4fc70b8ac6600ce9ffeb87
Last affected
c485e424475b41d3ae55cc3c742fed9cd19a1e75
Introduced
b87a580aa3eb23d5f05d7f619fc40a89e0f86fe5
Last affected
e786a591d538204fad37f188018f8c82f69a28f2

Affected versions

v3.*

v3.2.0
v3.2.1
v3.2.2
v3.2.3
v3.2.4
v3.2.5
v3.2.6
v3.2.7
v3.2.8
v3.3.0
v3.3.0-beta
v3.3.0-rc1
v3.3.0-rc2
v3.3.0-rc3
v3.3.1
v3.3.2
v3.3.3
v3.3.4
v3.3.5
v3.4.0
v3.4.0-beta
v3.4.0-rc1
v3.4.0-rc2
v3.4.0-rc3
v3.4.1
v3.4.2