Lucene search
K

4 matches found

RedhatCVE
RedhatCVE
added 2025/05/23 2:2 a.m.8 views

CVE-2023-33175

ToUI is a Python package for creating user interfaces websites and desktop apps from HTML. ToUI is using Flask-Caching SimpleCache to store user variables. Websites that use Website.uservars property. It affects versions 2.0.1 to 2.4.0. This issue has been patched in version 2.4.1...

9.1CVSS6.7AI score0.00651EPSS
Exploits0References1
NVD
NVD
added 2023/05/30 5:15 a.m.13 views

CVE-2023-33175

ToUI is a Python package for creating user interfaces websites and desktop apps from HTML. ToUI is using Flask-Caching SimpleCache to store user variables. Websites that use Website.uservars property. It affects versions 2.0.1 to 2.4.0. This issue has been patched in version 2.4.1...

9.1CVSS9.2AI score0.00651EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2023/05/30 4:31 a.m.13 views

CVE-2023-33175 ToUI allows user-specific variables to be shared between users

ToUI is a Python package for creating user interfaces websites and desktop apps from HTML. ToUI is using Flask-Caching SimpleCache to store user variables. Websites that use Website.uservars property. It affects versions 2.0.1 to 2.4.0. This issue has been patched in version 2.4.1...

9.1CVSS6.7AI score0.00651EPSS
Exploits0References2
CVE
CVE
added 2023/05/30 4:31 a.m.74 views

CVE-2023-33175

ToUI is affected by CVE-2023-33175 due to improper handling of the Website.user_vars attribute when using Flask-Caching (SimpleCache). The root cause is that user-specific variables are stored on the server-side cache, allowing exposure across users. Affected versions are 2.0.1 through 2.4.0; the...

9.1CVSS8.4AI score0.00651EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder