# Weak Password Reset Token

- ID: javascript-weak-password-reset-token
- Severity: HIGH
- CWE: Weak Password Recovery (CWE-640)
- Languages: JavaScript, TypeScript
- Frameworks: all

## Description

Detects predictable random number generation (Math.random) used for password reset tokens.

## Detection Message

Weak random from {source} used for password reset token at {sink}.

## Remediation

Use cryptographically secure random:

```javascript
const crypto = require('crypto');
const resetToken = crypto.randomBytes(32).toString('hex');
```

Learn more: https://shoulder.dev/learn/javascript/cwe-640/weak-password-reset-token

## Related Rules

- **Weak Password Reset Token** [HIGH]
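As an added example (not part of the rule's own documentation), here is the remediation above extended into an issue-and-redeem flow, with the flagged `Math.random` pattern kept beside it for contrast. The in-memory `pendingResets` store, the 15-minute lifetime and all function names are assumptions; storing only a hash, comparing in constant time and single use go beyond what the rule itself checks.

```javascript
const crypto = require('crypto');

// The pattern the rule flags, kept for contrast: Math.random() is not a
// CSPRNG, so its output must not guard anything an attacker should not guess.
function weakResetToken() {
  return Math.random().toString(36).slice(2);
}

const TOKEN_TTL_MS = 15 * 60 * 1000; // assumed 15-minute lifetime
const pendingResets = new Map();     // hypothetical store: userId -> { hash, expiresAt }

const sha256 = (s) => crypto.createHash('sha256').update(s).digest();

// Issue a 256-bit token from the OS CSPRNG and persist only its hash, so a
// leaked reset table does not yield usable tokens.
function issueResetToken(userId, now = Date.now()) {
  const token = crypto.randomBytes(32).toString('hex');
  pendingResets.set(userId, { hash: sha256(token), expiresAt: now + TOKEN_TTL_MS });
  return token; // delivered to the user out of band, e.g. in an e-mail link
}

// Enforce expiry, compare in constant time, and consume on first success.
function redeemResetToken(userId, presented, now = Date.now()) {
  const entry = pendingResets.get(userId);
  if (!entry || typeof presented !== 'string') return false;
  if (now > entry.expiresAt) {
    pendingResets.delete(userId);
    return false;
  }
  // Both buffers are 32-byte SHA-256 digests, as timingSafeEqual requires.
  const ok = crypto.timingSafeEqual(entry.hash, sha256(presented));
  if (ok) pendingResets.delete(userId); // single use
  return ok;
}
```

In a real service the `Map` would be a database table keyed by user, and a failed redemption would also be rate limited and logged.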