VYPR
Moderate severityNVD Advisory· Published Dec 26, 2023· Updated Nov 4, 2025

CVE-2023-49438

CVE-2023-49438

Description

An open redirect vulnerability in the python package Flask-Security-Too <=5.3.2 allows attackers to redirect unsuspecting users to malicious sites via a crafted URL by abusing the ?next parameter on the /login and /register routes.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected packages

Versions sourced from the GitHub Security Advisory.

PackageAffected versionsPatched versions
Flask-Security-TooPyPI
< 5.3.35.3.3

Affected products

3

Patches

Vulnerability mechanics

References

6

News mentions

0

No linked articles in our index yet.