{ "affected": [ { "ranges": [ { "database_specific": { "versions": [ { "introduced": "3.1.0" }, { "last_affected": "3.1.11" }, { "introduced": "3.2.0" }, { "last_affected": "3.2.8" }, { "introduced": "3.3.0" }, { "last_affected": "3.3.5" }, { "introduced": "3.4.0" }, { "last_affected": "3.4.2" } ] }, "events": [ { "introduced": "268abfacc54c4cbf9722c1502569b311c7caefff" }, { "last_affected": "e25e165231ed061c4278ce3694d2e1e4d4d3d142" }, { "introduced": "b182239f21c38ea57cddb41b0c03ef3eb02709f8" }, { "last_affected": "2a591e36a9783c364d1c55d8988b5630d073bc93" }, { "introduced": "b87a580aa3eb23d5f05d7f619fc40a89e0f86fe5" }, { "last_affected": "e786a591d538204fad37f188018f8c82f69a28f2" }, { "introduced": "665c3ac59c35b7387a4fc70b8ac6600ce9ffeb87" }, { "last_affected": "c485e424475b41d3ae55cc3c742fed9cd19a1e75" } ], "repo": "https://github.com/moodle/moodle", "type": "GIT" } ] } ], "details": "An issue was discovered in Moodle 3.x. Students who submitted assignments and exported them to portfolios can download any stored Moodle file by changing the download URL.", "id": "CVE-2018-1134", "modified": "2026-03-13T21:58:45.286716930Z", "published": "2018-05-25T12:29:00.277Z", "references": [ { "type": "ADVISORY", "url": "http://www.securityfocus.com/bid/104307" }, { "type": "FIX", "url": "https://moodle.org/mod/forum/discuss.php?d=371200" } ], "severity": [ { "score": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "type": "CVSS_V3" } ] }