Get a demo
100% Signal 0% Noise Invicti Logo - The Largest Dynamic Application Security Solutions Provider In The World Get a demo
MediaWiki Credentials Management Errors Vulnerability - CVE-2015-8626 - Vulnerability Database
MediaWiki

MediaWiki Credentials Management Errors Vulnerability - CVE-2015-8626

Critical
Reference: CVE-2015-8626
NVD Link: https://nvd.nist.gov/vuln/detail/CVE-2015-8626
Title: MediaWiki Credentials Management Errors Vulnerability
Overview:

The User::randomPassword function in MediaWiki before 1.23.12 1.24.x before 1.24.5 1.25.x before 1.25.4 and 1.26.x before 1.26.1 generates passwords smaller than wgMinimalPasswordLength which makes it easier for remote attackers to obtain access via a brute-force attack.