AI Score confidence: High
EPSS percentile: 47.5%
CSRF tokens are generated using math/rand, which is not a cryptographically secure random number generator, allowing an attacker to predict values and bypass CSRF protections with relatively few requests.
github.com/dinever/golf/commit/3776f338be48b5bc5e8cf9faff7851fc52a3f1fe
github.com/dinever/golf/issues/20
github.com/dinever/golf/pull/24
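
The weakness described above, next to a token drawn from crypto/rand. This is an added example, not code from the golf project or from this advisory; the function names, the alphabet and the 32-byte token length are assumptions chosen for illustration.

```go
package main

import (
	crand "crypto/rand"
	"crypto/subtle"
	"encoding/base64"
	"fmt"
	mrand "math/rand"
)

// Alphabet for the weak generator (assumed for illustration).
const letters = "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789"

// weakToken (hypothetical helper) shows the vulnerable pattern: every byte
// comes from math/rand, so the token is fully determined by the seed.
func weakToken(seed int64, n int) string {
	r := mrand.New(mrand.NewSource(seed))
	b := make([]byte, n)
	for i := range b {
		b[i] = letters[r.Intn(len(letters))]
	}
	return string(b)
}

// secureToken (hypothetical helper) reads n bytes from the operating
// system CSPRNG via crypto/rand and returns them URL-safe base64 encoded.
func secureToken(n int) (string, error) {
	b := make([]byte, n)
	if _, err := crand.Read(b); err != nil {
		return "", err // fail closed: never fall back to math/rand
	}
	return base64.RawURLEncoding.EncodeToString(b), nil
}

// validToken compares the stored and submitted tokens in constant time.
func validToken(expected, submitted string) bool {
	return subtle.ConstantTimeCompare([]byte(expected), []byte(submitted)) == 1
}

func main() {
	// Same seed, same token: the output carries no secret beyond the seed.
	fmt.Println("weak tokens repeat:", weakToken(1, 32) == weakToken(1, 32))
	tok, err := secureToken(32)
	if err != nil {
		panic(err)
	}
	fmt.Println("secure token length:", len(tok), "valid:", validToken(tok, tok))
}
```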