Math.random() use a security vulnerability?

[Mark McNally]

Hello, 

The Fortify SCA scanner flagged the use of Math.random() in strophe.js as being insecure.

This appeared as part of a of a new company requirement for our web apps to be free of Critical and High severity security vulnerabilities.

Can anyone comment on the validity of this claim in this context?

Thank you, 

Mark