CVE-2016-15005
CSRF tokens are generated using math/rand, which is not a cryptographically secure random number generator, allowing an attacker to predict values and bypass CSRF protections with relatively few requests.
8.8CVSS
8.6AI Score
0.001EPSS