synapse/changelog.d/5133.bugfix


			
				
				
					
						
						
						
							
							
							Switch to using a cryptographically-secure random number generator for token strings, ensuring they cannot be predicted by an attacker. Thanks to @opnsec for identifying and responsibly disclosing this issue!

						
						
					
				
				
					
					View git blame
					Copy permalink