V3 - Session Management Session token predictable / low entropyPOC Perform a standard request on the application Observe session token can be decrypted or guessable or brute forceable ImpactLowLikelihoodLow