CVE-2014-8735 Information

Description

The Bad Behavior module 6.x-2.x before 6.x-2.2216 and 7.x-2.x before 7.x-2.2216 for Drupal logs usernames and passwords which allows remote authenticated users with the \administer bad behavior\ permission to obtain sensitive information by reading a log file.

Reference

https://www.drupal.org/node/2360953 https://www.drupal.org/node/2360955 https://www.drupal.org/node/2361611