CVE-2021-21253

Name of the Vulnerable Software and Affected Versions: OnlineVotingSystem versions prior to 1.1.2

Description: The issue concerns the hashing of user passwords without a salt, making the system vulnerable to dictionary attacks. This vulnerability allows attackers to pre-compute hash values using techniques like rainbow tables, thereby increasing the risk of password cracking. The addition of a long, randomly generated salt to the password hash function enhances password protection.

Recommendations: For versions prior to 1.1.2, update to version 1.1.2 or later, which includes a fix for this issue by adding a long, randomly generated salt to the password hash function.