Because of this vulnerability in wp-login.php, attackers can perform HTTP Response Splitting attacks to modify expected HTML content from the server via the “text” parameter.
Update the WordPress to the latest available version (at least 1.2.1).