Froxlor before 0.9.35 uses the PHP rand function for random number generation, which makes it easier for remote attackers to guess the password reset token by predicting a value.
| Package (Ecosystem) | Introduced | Fixed | Limit |
|---|---|---|---|
| froxlor/froxlor(Packagist) | 0 | 0.9.35 | N/A |
CVSS Metrics
