VYPR
Unrated severityNVD Advisory· Published Feb 8, 2020· Updated Aug 6, 2024

CVE-2012-4381

CVE-2012-4381

Description

MediaWiki before 1.18.5, and 1.19.x before 1.19.2 saves passwords in the local database, (1) which could make it easier for context-dependent attackers to obtain cleartext passwords via a brute-force attack or, (2) when an authentication plugin returns a false in the strict function, could allow remote attackers to use old passwords for non-existing accounts in an external authentication system via unspecified vectors.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2
  • MediaWiki/Mediawikillm-fuzzy2 versions
    <1.18.5, <1.19.2+ 1 more
    • (no CPE)range: <1.18.5, <1.19.2
    • (no CPE)range: before 1.18.5

Patches

Vulnerability mechanics

References

7

News mentions

0

No linked articles in our index yet.