FanjunMeng issues

Repositories
Issues
Comments

Results 1 issues of


                                            FanjunMeng

Insecure Random

https://github.com/penggle/kaptcha/blob/f998397fc508f1fe09ff21d11d507324bfb4bc65/src/main/java/com/google/code/kaptcha/text/impl/DefaultTextCreator.java#L21 https://github.com/penggle/kaptcha/blob/f998397fc508f1fe09ff21d11d507324bfb4bc65/src/main/java/com/google/code/kaptcha/text/impl/ChineseTextProducer.java#L22 https://github.com/penggle/kaptcha/blob/f998397fc508f1fe09ff21d11d507324bfb4bc65/src/main/java/com/google/code/kaptcha/text/impl/FiveLetterFirstNameTextCreator.java#L1059 I think it should be use a secure random algorithm “SecureRandom” to generate verifycode An attacker will simply compute the seed from the output values observed. This...