PyPI package
flask-security-too
pkg:pypi/flask-security-too
Vulnerabilities (3)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2023-49438 | — | < 5.3.3 | 5.3.3 | Dec 26, 2023 | An open redirect vulnerability in the python package Flask-Security-Too <=5.3.2 allows attackers to redirect unsuspecting users to malicious sites via a crafted URL by abusing the ?next parameter on the /login and /register routes. | ||
| CVE-2021-32618 | — | < 4.1.0 | 4.1.0 | May 17, 2021 | The Python "Flask-Security-Too" package is used for adding security features to your Flask application. It is an is an independently maintained version of Flask-Security based on the 3.0.0 version of Flask-Security. All versions of Flask-Security-Too allow redirects after many su | ||
| CVE-2021-21241 | — | >= 3.3.0, < 3.4.5 | 3.4.5 | Jan 11, 2021 | The Python "Flask-Security-Too" package is used for adding security features to your Flask application. It is an is a independently maintained version of Flask-Security based on the 3.0.0 version of Flask-Security. In Flask-Security-Too from version 3.3.0 and before version 3.4.5 |
- CVE-2023-49438Dec 26, 2023affected < 5.3.3fixed 5.3.3
An open redirect vulnerability in the python package Flask-Security-Too <=5.3.2 allows attackers to redirect unsuspecting users to malicious sites via a crafted URL by abusing the ?next parameter on the /login and /register routes.
- CVE-2021-32618May 17, 2021affected < 4.1.0fixed 4.1.0
The Python "Flask-Security-Too" package is used for adding security features to your Flask application. It is an is an independently maintained version of Flask-Security based on the 3.0.0 version of Flask-Security. All versions of Flask-Security-Too allow redirects after many su
- CVE-2021-21241Jan 11, 2021affected >= 3.3.0, < 3.4.5fixed 3.4.5
The Python "Flask-Security-Too" package is used for adding security features to your Flask application. It is an is a independently maintained version of Flask-Security based on the 3.0.0 version of Flask-Security. In Flask-Security-Too from version 3.3.0 and before version 3.4.5