7.1 High
AI Score
Confidence
Low
0.004 Low
EPSS
Percentile
74.3%
Froxlor before 0.9.35 uses the PHP rand function for random number generation, which makes it easier for remote attackers to guess the password reset token by predicting a value.
github.com/Froxlor/Froxlor
github.com/Froxlor/Froxlor/commit/da4ec3e1b591de96675817a009e26e05e848a6ba
nvd.nist.gov/vuln/detail/CVE-2016-5100