Количество 2
Количество 2
CVE-2021-27913
The function mt_rand is used to generate session tokens, this function is cryptographically flawed due to its nature being one pseudorandomness, an attacker can take advantage of the cryptographically insecure nature of this function to enumerate session tokens for accounts that are not under his/her control This issue affects: Mautic Mautic versions prior to 3.3.4; versions prior to 4.0.0.
GHSA-x7g2-wrrp-r6h3
Use of a Broken or Risky Cryptographic Algorithm
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2021-27913 The function mt_rand is used to generate session tokens, this function is cryptographically flawed due to its nature being one pseudorandomness, an attacker can take advantage of the cryptographically insecure nature of this function to enumerate session tokens for accounts that are not under his/her control This issue affects: Mautic Mautic versions prior to 3.3.4; versions prior to 4.0.0. | CVSS3: 3.5 | 0% Низкий | больше 4 лет назад |
| GHSA-x7g2-wrrp-r6h3 Use of a Broken or Risky Cryptographic Algorithm | CVSS3: 3.5 | 0% Низкий | больше 4 лет назад |
Уязвимостей на страницу