CVE-2018-1135

CVE-2018-1135

EPSS 1.2%

An issue was discovered in Moodle 3.x. Students who posted on forums and exported the posts to portfolios can download any stored Moodle file by changing the download URL.

Affected products

n/a · Moodle 3.x unknown

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://moodle.org/mod/forum/discuss.php?d=371201 http://www.securityfocus.com/bid/104307