GHSA-765J-9R45-W2Q2 Flask App Builder has an Authentication Bypass vulnerability when using non AUTH_DB methods
Impact When Flask-AppBuilder is configured to use OAuth, LDAP, or other non-database authentication methods, the password reset endpoint remains registered and accessible, despite not being displayed in the user interface. This allows an enabled user to reset their password and be able to create...