Description
TYPO3 before 4.3.4 and 4.4.x before 4.4.1 contains insecure randomness during generation of a hash with the "forgot password" function.
Remediation
References
Related Vulnerabilities
WordPress Plugin Password Protected Unspecified Vulnerability (2.0)
PHP Numeric Errors Vulnerability (CVE-2006-4486)
Magento Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2020-9591)
Moodle URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2019-3850)