Description
repository/webdav/lib.php in Moodle 2.x through 2.1.10, 2.2.x before 2.2.8, 2.3.x before 2.3.5, and 2.4.x before 2.4.2 includes the WebDAV password in the configuration form, which allows remote authenticated administrators to obtain sensitive information by configuring an instance.
Remediation
References
Related Vulnerabilities
Oracle Database Server CVE-2010-0854 Vulnerability (CVE-2010-0854)
ownCloud Improper Input Validation Vulnerability (CVE-2015-7699)
WordPress Plugin Custom Content Type Manager Backdoor (0.9.8.8)
WordPress Plugin Wbcom Designs-BuddyPress Group Reviews Security Bypass (2.8.3)
Internet Information Services Other Vulnerability (CVE-2001-0709)