CVE-2018-1135: Information Exposure

May 25, 2018 (updated June 25, 2018)

An issue was discovered in Moodle. Students who posted on forums and exported the posts to portfolios can download any stored Moodle file by changing the download URL.

References

www.securityfocus.com/bid/104307
moodle.org/mod/forum/discuss.php?d=371201
nvd.nist.gov/vuln/detail/CVE-2018-1135

Code Behaviors & Features

Detect and mitigate CVE-2018-1135 with GitLab Dependency Scanning

Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →