CVE-2022-24776

Published March 24th, 2022

View on NVD ↗

CVSS v3

6.1

MEDIUM

CVSS v2

5.8

MEDIUM

Affected

PROJECT

Description

Flask-AppBuilder is an application development framework, built on top of the Flask web framework. Flask-AppBuilder contains an open redirect vulnerability when using database authentication login page on versions below 3.4.5. This issue is fixed in version 3.4.5. There are currently no known workarounds.

dpgaspar/Flask-AppBuilder

Simple and rapid application development framework, built on top of Flask. includes detailed security, auto CRUD generation for your models, google charts and much more. Demo (login with guest/welcome) - http://flaskappbuilder.pythonanywhere.com/

GitHub

4.95K