phpmyadmin -- Unsafe generation of XSRF/CSRF token

2016-01-28T00:00:00
ID 60AB0E93-C60B-11E5-BF36-6805CA0B3D42
Type freebsd
Reporter FreeBSD
Modified 2016-01-28T00:00:00

Description

The phpMyAdmin development team reports:

The XSRF/CSRF token is generated with a weak algorithm using functions that do not return cryptographically secure values. We consider this vulnerability to be non-critical.