Description
lib/adminlib.php in Moodle through 2.3.11, 2.4.x before 2.4.8, 2.5.x before 2.5.4, and 2.6.x before 2.6.1 logs cleartext passwords, which allows remote authenticated administrators to obtain sensitive information by reading the Config Changes Report.
Remediation
References
Related Vulnerabilities
Oracle Database Server CVE-2011-0877 Vulnerability (CVE-2011-0877)
WordPress 4.9.x Multiple Vulnerabilities (4.9 - 4.9.10)
Envoy Proxy Uncontrolled Resource Consumption Vulnerability (CVE-2019-15226)
Liferay Portal Origin Validation Error Vulnerability (CVE-2022-25146)
phpMyAdmin Permissions, Privileges, and Access Controls Vulnerability (CVE-2016-9849)