5 matches found
Fedora: Security Advisory (FEDORA-2024-f34963bef8)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora 39 : python-flask-security-too (2024-f34963bef8)
The remote Fedora 39 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2024-f34963bef8 advisory. Backport fix for CVE-2023-49438. Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not...
faradaysec (>=3.14.1 <=5.20.1), flask-authoob (>=0.0.21 <=0.0.34) +13 more potentially affected by CVE-2023-49438 via flask-security-too (>=3.2.0rc1 <=5.2.0)
flask-security-too PYPI version =3.2.0rc1, =3.14.1, =0.0.21, =0.3.1, =4.22.0, =6.0.1, =7.0.0, =6.0.0, =7.0.8.dev28841, =2.0.0, =3.5.6.dev19088, =1.0.3.dev126, =3.1.0, =2.1.0, =0.0.21, =1.0.2.dev51 Source cves: CVE-2023-49438 Source advisory: OSV:GHSA-672H-6X89-76M5...
CVE-2023-49438
An open redirect vulnerability in the python package Flask-Security-Too =5.3.2 allows attackers to redirect unsuspecting users to malicious sites via a crafted URL by abusing the ?next parameter on the /login and /register routes...
CVE-2023-49438
Vulnerability summary (CVE-2023-49438) : The Python package Flask-Security-Too