Audiophile Torrent Site What.CD Fully Pwnable Thanks To Wrecked RNG

Reader mask.of.sanity writes: Users of popular audiophile torrent site What.CD can make themselves administrators to completely compromise the private music site and bypass its notorious download ratio limits thanks to the use of the mt_rand function for password resets, a researcher has found. From the report (edited and condensed):What.CD is the world's most popular high quality music private torrent site that requires its users to pass an interview testing their knowledge of audio matters before they are granted an account. Users must maintain a high upload to download ratio to continue to download from the site. [...] "I reported it a year ago, and they acknowledged it but said 'don't worry about it,'" said New-Zealand-based independent security researcher who goes by the alias ss23.

I must be new here

[wwalker]

We are on a relatively tech-savvy site, right? Why is there a link explaining what an audiophile is (as if I couldn't have guessed from the context even if I didn't know), but there is no link explaining how the exploit actually works? (It's not mt_rand that's the problem, it's how you seed it) Why do I have to google after reading the summary? What's the point of having editors here at all?!