helpers.py in Flask-Admin 1.5.2 has Reflected XSS via a crafted URL.
CPE | Name | Operator | Version |
---|---|---|---|
flask-admin | eq | 0.4.0 | |
flask-admin | eq | 1.0.1 | |
flask-admin | eq | 1.0.0 | |
flask-admin | eq | 1.0.6 | |
flask-admin | eq | 0.1.1 | |
flask-admin | eq | 1.3.0 | |
flask-admin | eq | 1.5.1 | |
flask-admin | eq | 0.3.0 | |
flask-admin | eq | 0.1.3 | |
flask-admin | eq | 1.0.3 |
github.com/advisories/GHSA-894g-6j7q-2hx6
github.com/flask-admin/flask-admin
github.com/flask-admin/flask-admin/commit/8af10e0b022464fdcb2da3d0ea5bbd2f11c0acd1
github.com/flask-admin/flask-admin/pull/1699
github.com/flask-admin/flask-admin/releases/tag/v1.5.3
lists.fedoraproject.org/archives/list/[email protected]/message/UJIYCWIH3BRLI2QNC53CQXLKVP27X7EH
lists.fedoraproject.org/archives/list/[email protected]/message/ZU2VKULURVXEU4YFTLMBQGYMPSXQ4MBN
nvd.nist.gov/vuln/detail/CVE-2018-16516