Moodle Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2018-1135)
Description
An issue was discovered in Moodle 3.x. Students who posted on forums and exported the posts to portfolios can download any stored Moodle file by changing the download URL.