{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-06-24T20:00:25.368","vulnerabilities":[{"cve":{"id":"CVE-2018-1137","sourceIdentifier":"secalert@redhat.com","published":"2018-05-25T12:29:00.403","lastModified":"2026-06-17T01:50:34.013","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"An issue was discovered in Moodle 3.x. By substituting URLs in portfolios, users can instantiate any class. This can also be exploited by users who are logged in as guests to create a DDoS attack."},{"lang":"es","value":"Se ha descubierto un problema en Moodle 3.x. Al sustituir URL en los portfolios, los usuarios pueden instanciar cualquier clase. Esto también puede ser explotado por usuarios que hayan iniciado sesión como invitados para lanzar un ataque DDoS."}],"affected":[{"source":"secalert@redhat.com","affectedData":[{"vendor":"n/a","product":"Moodle 3.x unknown","versions":[{"version":"Moodle 3.x unknown","status":"affected"}]}]}],"metrics":{"cvssMetricV30":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.0","vectorString":"CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H","baseScore":8.1,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"LOW","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":2.8,"impactScore":5.2}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:S/C:N/I:P/A:P","baseScore":5.5,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"SINGLE","confidentialityImpact":"NONE","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"},"baseSeverity":"MEDIUM","exploitabilityScore":8.0,"impactScore":4.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-20"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:moodle:moodle:*:*:*:*:*:*:*:*","versionStartIncluding":"3.1.0","versionEndIncluding":"3.1.11","matchCriteriaId":"075775AB-928E-42E6-A8C8-90C151B1F031"},{"vulnerable":true,"criteria":"cpe:2.3:a:moodle:moodle:*:*:*:*:*:*:*:*","versionStartIncluding":"3.2.0","versionEndIncluding":"3.2.8","matchCriteriaId":"56C70846-B851-4FB8-AD01-88318B41DE70"},{"vulnerable":true,"criteria":"cpe:2.3:a:moodle:moodle:*:*:*:*:*:*:*:*","versionStartIncluding":"3.3.0","versionEndIncluding":"3.3.5","matchCriteriaId":"ABAE5044-56A2-4243-A7C1-2219DC62D1C5"},{"vulnerable":true,"criteria":"cpe:2.3:a:moodle:moodle:*:*:*:*:*:*:*:*","versionStartIncluding":"3.4.0","versionEndIncluding":"3.4.2","matchCriteriaId":"852FF021-18B1-4273-ACD9-0E1C53AC39EC"}]}]}],"references":[{"url":"http://www.securityfocus.com/bid/104307","source":"secalert@redhat.com","tags":["Third Party Advisory","VDB Entry"]},{"url":"https://moodle.org/mod/forum/discuss.php?d=371204","source":"secalert@redhat.com","tags":["Vendor Advisory"]},{"url":"http://www.securityfocus.com/bid/104307","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory","VDB Entry"]},{"url":"https://moodle.org/mod/forum/discuss.php?d=371204","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Vendor Advisory"]}]}}]}