Moodle is susceptible to unauthorized information access. If the event monitor tool contains site-wide rules, a malicious user can subscribe to them and access sensitive information.
git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-50039
openwall.com/lists/oss-security/2015/05/18/1
www.securityfocus.com/bid/74721
www.securitytracker.com/id/1032358
git.moodle.org/gw?p=moodle.git;a=commit;h=0f510be763181210baa7885fbed661edd0d73680
moodle.org/mod/forum/discuss.php?d=313684