CVE-2018-1135
Description
An issue was discovered in Moodle 3.x. Students who posted on forums and exported the posts to portfolios can download any stored Moodle file by changing the download URL.
CWE
- (none)
Affected
- n/a / Moodle 3.x unknown — v=Moodle 3.x unknown [affected]
CVSS
- (none)
References
- https://moodle.org/mod/forum/discuss.php?d=371201 x_refsource_CONFIRM
- http://www.securityfocus.com/bid/104307 vdb-entry, x_refsource_BID
Source
cvelistV5-main/cves/2018/1xxx/CVE-2018-1135.json