Description
MediaWiki 1.17.x before 1.17.3 and 1.18.x before 1.18.2 uses weak random numbers for password reset tokens, which makes it easier for remote attackers to change the passwords of arbitrary users.
Remediation
References
Related Vulnerabilities
WordPress 5.8.x Multiple Prototype Pollution Vulnerabilities (5.8 - 5.8.3)
WordPress Plugin File Manager Multiple Vulnerabilities (4.8)
Perl Out-of-bounds Write Vulnerability (CVE-2022-48522)
WordPress Plugin Bliss Gallery 'upload.php' Arbitrary File Upload (2.1)
Microsoft SQL Server CVE-2023-32027 Vulnerability (CVE-2023-32027)