CVE-2012-1581

EPSS 0.54%

Published: 9/9/2012Modified: 4/28/2026

Also known as:DEBIAN-CVE-2012-1581

Description

MediaWiki 1.17.x before 1.17.3 and 1.18.x before 1.18.2 uses weak random numbers for password reset tokens, which makes it easier for remote attackers to change the passwords of arbitrary users.

Affected packages (1)

Debian/mediawikifrom 0, < 1:1.15.5-9

References (1)

ADVISORYhttps://security-tracker.debian.org/tracker/CVE-2012-1581