Intevel / simply-diary

Simply Diary is an open source platform for an online diary.
https://simply-diary.xyz/
MIT License

Security concerns #6

Open xNaCly opened 2 years ago

xNaCly commented 2 years ago

Issue:

I have security concerns due to the length of the id of a diary. At the small length of 6 characters it is very easy to brute force.

Screenshots:

(three images)

Fix:

It should be easily fixable, as it's just a matter of implementing the UUID standard. I will assume I can work on fixing this issue and will put forward a pull request containing a fix shortly.

Credit: @Flam3rboy for raising my awareness of this issue
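
The size difference behind this issue, as an added example that is not part of the original post or the project's code: it compares the id space of a 6-character id with that of a random UUIDv4, then generates and validates UUIDv4 diary ids. The 36-symbol alphabet, the figure of 1,000 existing diaries, and all function names are assumptions; the page states only the length of 6.

```python
import math
import re
import uuid

# Assumption: short ids use [a-z0-9]; the issue gives only the length (6).
ASSUMED_ALPHABET_SIZE = 36
SHORT_ID_LENGTH = 6
# A version-4 UUID has 128 bits, of which 6 are fixed (version and variant).
UUID4_SPACE = 2 ** 122

# Canonical lowercase UUIDv4: version nibble is 4, variant nibble is 8, 9, a or b.
_UUID4_RE = re.compile(
    r"[0-9a-f]{8}-[0-9a-f]{4}-4[0-9a-f]{3}-[89ab][0-9a-f]{3}-[0-9a-f]{12}"
)


def id_space(alphabet_size: int, length: int) -> int:
    """Number of distinct ids of the given length over the given alphabet."""
    return alphabet_size ** length


def space_bits(space: int) -> float:
    """Size of an id space expressed in bits."""
    return math.log2(space)


def expected_guesses(space: int, existing_ids: int) -> float:
    """Mean number of uniformly random guesses before one matches any existing id."""
    return space / existing_ids


def new_diary_id() -> str:
    """Hypothetical replacement id generator: a random (version 4) UUID."""
    return str(uuid.uuid4())  # uuid4() draws its bits from os.urandom


def is_valid_diary_id(value) -> bool:
    """Accept only canonical UUIDv4 strings, so legacy 6-character ids are rejected."""
    return isinstance(value, str) and _UUID4_RE.fullmatch(value) is not None


if __name__ == "__main__":
    existing = 1000  # constructed figure for illustration
    short = id_space(ASSUMED_ALPHABET_SIZE, SHORT_ID_LENGTH)
    for label, space in (("6-char id", short), ("UUIDv4", UUID4_SPACE)):
        print(f"{label}: {space_bits(space):.1f} bits, "
              f"~{expected_guesses(space, existing):.3g} guesses per hit")
    print(new_diary_id())
```

An unguessable id only makes enumeration impractical; it does not replace an access check on the diary itself.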

Intevel commented 2 years ago

Thanks for opening this issue, can you please create your issue in the backend repository?