MediaWiki 1.17.x prior to 1.17.3 and 1.18.x prior to 1.18.2 uses weak random numbers for password reset tokens, which makes it easier for remote malicious users to change the passwords of arbitrary users.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
mediawiki mediawiki 1.17.2 |
||
mediawiki mediawiki 1.17 |
||
mediawiki mediawiki 1.17.0 |
||
mediawiki mediawiki 1.17.1 |
||
mediawiki mediawiki 1.18.0 |
||
mediawiki mediawiki 1.18.1 |
||
mediawiki mediawiki 1.18 |