CVE-2021-22948
The CVE-2021-22948 affects revive-adserver, specifically versions prior to 5.3.0. The issue stems from generating session IDs with PHP’s insecure uniqid() function, which under certain conditions could allow an attacker to brute-force session IDs and take over a user account. The Red Hat and NVD ...