Описание
Mojolicious::Plugin::CSRF 1.03 for Perl uses a weak random number source for generating CSRF tokens.
That version of the module generates tokens as an MD5 of the process id, the current time, and a single call to the built-in rand() function.
EPSS
Процентиль: 15%
0.00048
Низкий
7 High
CVSS3
Дефекты
CWE-338
Связанные уязвимости
CVSS3: 7
github
8 месяцев назад
Mojolicious::Plugin::CSRF 1.03 for Perl uses a weak random number source for generating CSRF tokens. That version of the module generates tokens as an MD5 of the process id, the current time, and a single call to the built-in rand() function.
EPSS
Процентиль: 15%
0.00048
Низкий
7 High
CVSS3
Дефекты
CWE-338