Cleartext Password Logging Vulnerability in Moodle
CVE-2014-0008 · MEDIUM Severity
AV:N/AC:L/AU:S/C:P/I:N/A:N
lib/adminlib.php in Moodle through 2.3.11, 2.4.x before 2.4.8, 2.5.x before 2.5.4, and 2.6.x before 2.6.1 logs cleartext passwords, which allows remote authenticated administrators to obtain sensitive information by reading the Config Changes Report.
Learn more about our Web Application Penetration Testing UK.