High severity7.5NVD Advisory· Published Jan 13, 2024· Updated Jun 17, 2026
CVE-2023-52289
CVE-2023-52289
Description
An issue was discovered in the flaskcode package through 0.0.8 for Python. An unauthenticated directory traversal, exploitable with a POST request to a /update-resource-data/<file_path> URI (from views.py), allows attackers to write to arbitrary files.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
flaskcodePyPI | <= 0.0.8 | — |
Affected products
2- flaskcode/flaskcodedescription
Patches
Vulnerability mechanics
References
3- github.com/advisories/GHSA-v3rg-qm46-xrg9ghsaADVISORY
- gitlab.com/daniele_m/cve-list/-/blob/main/README.mdnvdThird Party AdvisoryWEB
- nvd.nist.gov/vuln/detail/CVE-2023-52289ghsaADVISORY
News mentions
0No linked articles in our index yet.