CVE-2018-1134

CVE-2018-1134

EPSS 1.0%

An issue was discovered in Moodle 3.x. Students who submitted assignments and exported them to portfolios can download any stored Moodle file by changing the download URL.

Affected products

n/a · Moodle 3.x unknown

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://moodle.org/mod/forum/discuss.php?d=371200 http://www.securityfocus.com/bid/104307