admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-07-29 05:56:59 +00:00
Code Issues Packages Projects Releases Wiki Activity

"-Synchronized-Data."

Browse Source
This commit is contained in:
CVE Team 2021-08-30 16:00:59 +00:00
parent 5c448248a5
commit a3d074a18b
No known key found for this signature in database
GPG Key ID: 5708902F06FEF743
1 changed files with 4 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
2021/27xxx/CVE-2021-27913.json
View File

@ -47,7 +47,7 @@
"description_data": [
{
"lang": "eng",
"value": "The function mt_rand is used to generate session tokens, this function is cryptographically flawed due to its nature being one pseudorandomness, an attacker can take advantage of the cryptographically insecure nature of this function to enumerate session tokens for accounts that are not under his/her control\nThis issue affects:\nMautic Mautic\nversions prior to 3.3.4;\nversions prior to 4.0.0."
"value": "The function mt_rand is used to generate session tokens, this function is cryptographically flawed due to its nature being one pseudorandomness, an attacker can take advantage of the cryptographically insecure nature of this function to enumerate session tokens for accounts that are not under his/her control This issue affects: Mautic Mautic versions prior to 3.3.4; versions prior to 4.0.0."
}
]
},
@ -85,8 +85,9 @@
"references": {
"reference_data": [
{
"refsource": "CONFIRM",
"url": "https://github.com/mautic/mautic/security/advisories/GHSA-x7g2-wrrp-r6h3"
"refsource": "MISC",
"url": "https://github.com/mautic/mautic/security/advisories/GHSA-x7g2-wrrp-r6h3",
"name": "https://github.com/mautic/mautic/security/advisories/GHSA-x7g2-wrrp-r6h3"
}
]
},