Medium severity6.5NVD Advisory· Published May 25, 2018· Updated Jun 17, 2026
CVE-2018-1134
CVE-2018-1134
Description
An issue was discovered in Moodle 3.x. Students who submitted assignments and exported them to portfolios can download any stored Moodle file by changing the download URL.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
moodle/moodlePackagist | >= 3.1, < 3.1.12 | 3.1.12 |
moodle/moodlePackagist | >= 3.2, < 3.2.9 | 3.2.9 |
moodle/moodlePackagist | >= 3.3, < 3.3.6 | 3.3.6 |
moodle/moodlePackagist | >= 3.4, < 3.4.3 | 3.4.3 |
Affected products
1Patches
Vulnerability mechanics
References
4- moodle.org/mod/forum/discuss.phpnvdPatchVendor AdvisoryWEB
- www.securityfocus.com/bid/104307nvdThird Party AdvisoryVDB EntryWEB
- github.com/advisories/GHSA-xjx9-7c29-pwmmghsaADVISORY
- nvd.nist.gov/vuln/detail/CVE-2018-1134ghsaADVISORY
News mentions
0No linked articles in our index yet.