Cleartext Password Logging Vulnerability in Moodle

Cleartext Password Logging Vulnerability in Moodle

CVE-2014-0008 · MEDIUM Severity

AV:N/AC:L/AU:S/C:P/I:N/A:N

lib/adminlib.php in Moodle through 2.3.11, 2.4.x before 2.4.8, 2.5.x before 2.5.4, and 2.6.x before 2.6.1 logs cleartext passwords, which allows remote authenticated administrators to obtain sensitive information by reading the Config Changes Report.

Learn more about our Web Application Penetration Testing UK.