Nice that the post includes a timeline - but considering some of these issues (broken rng, brute force of otp) - it's deeply concerning that the issues won't be fixed?<p>> August 7, 2023: We reported our findings to the caddy-security plugin maintainers.<p>> August 23, 2023: The caddy-security plugin maintainers confirmed that there were no near-term plans to act on the reported vulnerabilities.