Vulnerability Details CVE-2018-1135
An issue was discovered in Moodle 3.x. Students who posted on forums and exported the posts to portfolios can download any stored Moodle file by changing the download URL.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.003
EPSS Ranking 56.6%
CVSS Severity
CVSS v3 Score 6.5
CVSS v2 Score 4.0
References
Products affected by CVE-2018-1135
-
cpe:2.3:a:moodle:moodle:3.1.0
-
cpe:2.3:a:moodle:moodle:3.1.1
-
cpe:2.3:a:moodle:moodle:3.1.10
-
cpe:2.3:a:moodle:moodle:3.1.11
-
cpe:2.3:a:moodle:moodle:3.1.2
-
cpe:2.3:a:moodle:moodle:3.1.3
-
cpe:2.3:a:moodle:moodle:3.1.4
-
cpe:2.3:a:moodle:moodle:3.1.5
-
cpe:2.3:a:moodle:moodle:3.1.6
-
cpe:2.3:a:moodle:moodle:3.1.7
-
cpe:2.3:a:moodle:moodle:3.1.8
-
cpe:2.3:a:moodle:moodle:3.1.9
-
cpe:2.3:a:moodle:moodle:3.2.0
-
cpe:2.3:a:moodle:moodle:3.2.1
-
cpe:2.3:a:moodle:moodle:3.2.2
-
cpe:2.3:a:moodle:moodle:3.2.3
-
cpe:2.3:a:moodle:moodle:3.2.4
-
cpe:2.3:a:moodle:moodle:3.2.5
-
cpe:2.3:a:moodle:moodle:3.2.6
-
cpe:2.3:a:moodle:moodle:3.2.7
-
cpe:2.3:a:moodle:moodle:3.2.8
-
cpe:2.3:a:moodle:moodle:3.3.0
-
cpe:2.3:a:moodle:moodle:3.3.1
-
cpe:2.3:a:moodle:moodle:3.3.2
-
cpe:2.3:a:moodle:moodle:3.3.3
-
cpe:2.3:a:moodle:moodle:3.3.4
-
cpe:2.3:a:moodle:moodle:3.3.5
-
cpe:2.3:a:moodle:moodle:3.4.0
-
cpe:2.3:a:moodle:moodle:3.4.1
-
cpe:2.3:a:moodle:moodle:3.4.2