Use of a Broken or Risky Cryptographic Algorithm in livehelperchat/livehelperchatValid
Oct 1st 2021
livehelperchat uses cryptographically insecure functions (
mt_rand() and even
rand) to generate sensitive information.
Proof of Concept
None provided, see the PHP documentation that specifies the cryptographic insecurity of the above functions.
This vulnerability is capable of allowing an attacker to deduce previously-generated (and future) passwords.