← volver
CVE-2022-24776

Open Redirect in Flask-AppBuilder

CVSS 6.1 MEDIUMEPSS 0.9%CWE-601
Flask-AppBuilder is an application development framework, built on top of the Flask web framework. Flask-AppBuilder contains an open redirect vulnerability when using database authentication login page on versions below 3.4.5. This issue is fixed in version 3.4.5. There are currently no known workarounds.
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Productos afectados
dpgaspar · Flask-AppBuilder

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →
Referencias
https://github.com/dpgaspar/Flask-AppBuilder/pull/1804https://github.com/dpgaspar/Flask-AppBuilder/releases/tag/v3.4.5https://github.com/dpgaspar/Flask-AppBuilder/security/advisories/GHSA-2ccw-7px8-vmpf