MediaWiki 1.24.x prior to 1.24.2, when using PBKDF2 for password hashing, allows remote malicious users to cause a denial of service (CPU consumption) via a long password.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
mediawiki mediawiki 1.24.0 |
||
mediawiki mediawiki 1.24.1 |