repository/webdav/lib.php in Moodle 2.x through 2.1.10, 2.2.x before 2.2.8, 2.3.x before 2.3.5, and 2.4.x before 2.4.2 includes the WebDAV password in the configuration form, which allows remote authenticated administrators to obtain sensitive information by configuring an instance.
git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-37681
lists.fedoraproject.org/pipermail/package-announce/2013-April/101310.html
lists.fedoraproject.org/pipermail/package-announce/2013-April/101358.html
openwall.com/lists/oss-security/2013/03/25/2
github.com/moodle/moodle
github.com/moodle/moodle/commit/0e94caf991d4e399726e5dc0769873d9f753a727
github.com/moodle/moodle/commit/46eec6e46b89a7e8e3f08e460d917f2d1a2959d8
github.com/moodle/moodle/commit/92e592385784ec7ea5b5328a0c3c1608d321ad32
github.com/moodle/moodle/commit/ce96f23fe15ce6addc2f56af015452c3ea406190
moodle.org/mod/forum/discuss.php?d=225343
nvd.nist.gov/vuln/detail/CVE-2013-1832