Moodle is susceptible to information disclosure. The vulnerability exists because the library records the password in plain text in the config log report, allowing an authenticated administrator to view the passwords when accessing the report.
git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-36721
lists.fedoraproject.org/pipermail/package-announce/2014-January/127510.html
lists.fedoraproject.org/pipermail/package-announce/2014-January/127533.html
openwall.com/lists/oss-security/2014/01/20/1
www.securitytracker.com/id/1029647
git.moodle.org/gw?p=moodle.git;a=commit;h=914499a340dcdeffc9336eb5fa080d5dc51e6bac
github.com/moodle/moodle/commit/914499a340dcdeffc9336eb5fa080d5dc51e6bac
moodle.org/mod/forum/discuss.php?d=252414