Description

MediaWiki 1.24.x before 1.24.2, when using PBKDF2 for password hashing, allows remote attackers to cause a denial of service (CPU consumption) via a long password.

Remediation

References

CVE-2015-2936

Related Vulnerabilities

WordPress Plugin Dokan-Best WooCommerce Multivendor Marketplace Solution-Build Your Own Amazon, eBay, Etsy Cross-Site Request Forgery (3.0.8)

Craft CMS Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-23927)

WordPress Plugin PWAMP PHP Object Injection (1.0.0)

WordPress Plugin Event post Local File Inclusion (5.9.5)

MediaWiki Observable Discrepancy Vulnerability (CVE-2022-41765)

Severity

High

Classification

CVE-2015-2936

Tags

Missing Update Known Vulnerabilities