Description

MediaWiki 1.24.x before 1.24.2, when using PBKDF2 for password hashing, allows remote attackers to cause a denial of service (CPU consumption) via a long password.

Remediation

References

CVE-2015-2936

Related Vulnerabilities

Plone CMS URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2017-1000484)

WordPress Permissions, Privileges, and Access Controls Vulnerability (CVE-2011-3129)

Dolibarr Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-13239)

WordPress Plugin MyPixs Local File Inclusion (0.3)

WebLogic Deserialization of Untrusted Data Vulnerability (CVE-2019-16942)

Severity

High

Classification

CVE-2015-2936

Tags

Missing Update Known Vulnerabilities