CVE-2018-18531
CVE-2018-18531 involves kaptcha 2.3.2, where files text/impl/DefaultTextCreator.java, text/impl/ChineseTextProducer.java, and text/impl/FiveLetterFirstNameTextCreator.java use Random instead of SecureRandom to generate CAPTCHA values. This weak randomness can enable remote attackers to brute-forc...