CVE-2016-15005
CVE-2016-15005 affects the Go project github.com/dinever/golf. The root cause is CSRF tokens generated with math/rand, which is not cryptographically secure, allowing an attacker to predict token values and bypass CSRF protections with relatively few requests. Impact described across sources: CSR...