ghost123gg/fblog

Releases0

Stars131

A blog system written in flask that I developed when I study flask

CVE History

CVE	Published	CVSS v3	CVSS v2
CVE-2025-43933 ↗	Jul 7, 2025Monday, 7 July 2025, 16:15	9.8 CRITICAL	—
fblog through 983bede allows account takeover via the password reset feature because SERVER_NAME is not configured and thus a reset depends on the Host HTTP header.