Lucene search

4 matches found

RedhatCVE
added 2025/05/23 1:43 a.m. | 8 views

CVE-2023-43805

Nexkey is a fork of Misskey, an open source, decentralized social media platform. Prior to version 12.121.9, incomplete URL validation can allow users to bypass authentication for access to the job queue dashboard. Version 12.121.9 contains a fix for this issue. As a workaround, it may be possibl...

7.5 CVSS | 7.1 AI score | 0.00645 EPSS
Exploits: 0 | References: 1
Tenable Nessus
added 2023/08/31 12:0 a.m. | 20 views

FreeBSD : py-flask-security -- user redirect to arbitrary URL vulnerability (06492bd5-085a-4cc0-9743-e30164bdcb1c)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the 06492bd5-085a-4cc0-9743-e30164bdcb1c advisory. - This affects all versions of package Flask-Security. When using the get_post_logout_redirect and...

6.1 CVSS | 6.8 AI score | 0.00895 EPSS
Exploits: 1 | References: 3
Debian
added 2023/08/28 5:6 p.m. | 13 views

[SECURITY] [DLA 3545-1] flask-security security update

Debian LTS Advisory DLA-3545-1 [email protected] https://www.debian.org/lts/security/ Sean Whitton August 28, 2023 https://wiki.debian.org/LTS Package : flask-security Version : 1.7.5-2+deb10u1 CVE ID : CVE-2021-23385 Debian Bug : 1021279 It was discovered that when using the...

6.1 CVSS | 6.6 AI score | 0.00895 EPSS
Exploits: 1
GitLab Advisory Database
added 2022/10/07 12:0 a.m. | 45 views

URL Redirection to Untrusted Site ('Open Redirect')

This affects all versions of package Flask-Security. When using the get_post_logout_redirect and get_post_login_redirect functions, it is possible to bypass URL validation and redirect a user to an arbitrary URL by providing multiple back slashes such as \\evil.com/path. This vulnerability is only...

6.1 CVSS | 3.4 AI score | 0.00895 EPSS
Exploits: 1 | References: 5 | Affected Software: 1