Medium severity6.5NVD Advisory· Published Apr 17, 2025· Updated Jun 17, 2026
CVE-2025-28101
CVE-2025-28101
Description
An arbitrary file deletion vulnerability in the /post/{postTitle} component of flaskBlog v2.6.1 allows attackers to delete article titles created by other users via supplying a crafted POST request.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
3- Range: =2.6.1
Patches
Vulnerability mechanics
References
2- github.com/DogukanUrker/flaskBlog/issues/130nvdExploitIssue Tracking
- gist.github.com/coleak2021/cecfc757bc77038717c3e7b40e2d66cenvdThird Party Advisory
News mentions
0No linked articles in our index yet.