Description

Mediawiki 1.31 before 1.31.1, 1.30.1, 1.29.3 and 1.27.5 contains a flaw where BotPasswords can bypass CentralAuth's account lock

Remediation

References

CVE-2018-0505

Related Vulnerabilities

Internet Information Services Uncontrolled Resource Consumption Vulnerability (CVE-2009-2521)

WordPress Plugin Wholesale Market for WooCommerce Directory Traversal (1.0.8)

osCommerce Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2002-1991)

Jenkins Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2018-1000410)

WordPress Plugin Ad Buttons Multiple Vulnerabilities (2.3.1)

Severity

Medium

Classification

CVE-2018-0505 CWE-287 CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N

Tags

Missing Update Known Vulnerabilities