SYM_PHP_0031 - SymbioticSec/Symbiotic-Vulnerability-Database GitHub Wiki

Incorrect Comparison

| Property | Value |
| --- | --- |
| Language | php |
| Severity | low |
| CWE | CWE-697: Incorrect Comparison |
| Confidence Level | Low |
| Impact Level | Low |
| Likelihood Level | Low |

Description

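Comparing MD5 hashes with '==' instead of '===' in PHP can lead to unexpected results due to type juggling: when both operands are numeric-looking strings, such as a hex digest made up of '0e' followed only by decimal digits, PHP compares them as numbers rather than as strings. This may allow values that shouldn't match to be considered equal, creating a security risk.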

Impact

An attacker could exploit loose comparisons to bypass authentication or validation checks by crafting inputs that generate 'magic' hash values. This could lead to unauthorized access or compromise of sensitive data in your application.
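The flagged pattern next to two safer comparisons, as an added example that is not part of the rule's own documentation. The function names are hypothetical, and the two hash-shaped strings are constructed for illustration and are not digests of any real input.

```php
<?php
// Constructed, hash-shaped strings (32 chars each): "0e" followed by 30 decimal
// digits. PHP treats both as numeric strings in scientific notation.
$stored   = '0e123456789012345678901234567890';
$supplied = '0e987654321098765432109876543210';

// Flagged pattern: loose comparison. Both operands are numeric strings, so PHP
// converts each to a float (0 * 10^n) and compares the numbers, not the text.
function verify_loose(string $expected, string $actual): bool
{
    return $expected == $actual;
}

// Fix 1: strict comparison. No type juggling, the strings are compared
// byte for byte.
function verify_strict(string $expected, string $actual): bool
{
    return $expected === $actual;
}

// Fix 2: hash_equals() (PHP >= 5.6). Compares as strings and additionally
// takes the same time regardless of where the first differing byte is.
function verify_constant_time(string $expected, string $actual): bool
{
    return hash_equals($expected, $actual);
}

$checks = [
    'loose (==)'    => 'verify_loose',
    'strict (===)'  => 'verify_strict',
    'hash_equals()' => 'verify_constant_time',
];

foreach ($checks as $label => $fn) {
    // The two strings differ, so a correct check must report "no match".
    $result = $fn($stored, $supplied) ? 'match' : 'no match';
    printf("%-14s different strings => %s\n", $label, $result);

    // Sanity check: identical strings must always match.
    $same = $fn($stored, $stored) ? 'match' : 'no match';
    printf("%-14s identical strings => %s\n", $label, $same);
}
```

For secrets such as password hashes or tokens, `hash_equals()` is the better of the two fixes because it also removes the timing side channel.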