cxronen / OpenRoom


CX Insecure_Randomness @ createaccount.php [master] #91

Open rronen04 opened 3 years ago

rronen04 commented 3 years ago

Insecure_Randomness issue exists @ createaccount.php in branch master

Method rand_str at line 13 of createaccount.php uses a weak method rand to produce random values. These values might be used as personal identifiers, session tokens or cryptographic input; however, due to their insufficient randomness, an attacker may be able to derive their value.

Severity: Medium

CWE:330

Checkmarx

Lines: 19 13


Code (Line #19):

            $r = $chars{rand(0, $chars_length)};

Code (Line #13):

        $string = $chars{rand(0, $chars_length)};

cxronen commented 3 years ago

Issue still exists.