CVE-2017-1000171

Mahara Mobile before 1.2.1 is vulnerable to passwords being sent to the Mahara access log in plain text.