An attacker is able to guess generated digits due to insufficient entropy.
OWASP Top Ten 2017 Category A9 - Using Components with Known Vulnerabilities
Insufficient Entropy
OWASP Top Ten 2013 Category A9 - Using Components with Known Vulnerabilities
5 years ago
GMS-2020-4
10.0