7 matches found
CVE-2022-24880
flask-session-captcha is a package which allows users to extend Flask by adding an image based captcha stored in a server side session. In versions prior to 1.2.1, he captcha.validate function would return None if passed no value e.g. by submitting an having an empty form. If implementing users...
Potential Captcha Validate Bypass in flask-session-captcha
Impact flask-session-captcha is a package which allows users to extend Flask by adding an image based captcha stored in a server side session. The captcha.validate function would return None if passed no value e.g. by submitting a request with an empty form. If implementing users were checking th...
GHSA-7R87-CJ48-WJ45 Potential Captcha Validate Bypass in flask-session-captcha
Impact flask-session-captcha is a package which allows users to extend Flask by adding an image based captcha stored in a server side session. The captcha.validate function would return None if passed no value e.g. by submitting a request with an empty form. If implementing users were checking th...
PYSEC-2022-193
flask-session-captcha is a package which allows users to extend Flask by adding an image based captcha stored in a server side session. In versions prior to 1.2.1, he captcha.validate function would return None if passed no value e.g. by submitting an having an empty form. If implementing users...
CVE-2022-24880
CVE-2022-24880 affects the Flask extension flask-session-captcha. The captcha.validate() function could return None when called with no value, allowing an attacker to bypass verification if code relies on a falsey check. Version 1.2.1 fixes the issue; upgrading to that version is the advised reme...
CVE-2022-24880 Potential Captcha Validate Bypass in flask-session-captcha
flask-session-captcha is a package which allows users to extend Flask by adding an image based captcha stored in a server side session. In versions prior to 1.2.1, he captcha.validate function would return None if passed no value e.g. by submitting an having an empty form. If implementing users...
flask-session-captcha 代码问题漏洞
flask-session-captcha is a captcha implementation of flask by the individual developer Joakim Uddholm in Germany. A security vulnerability exists in versions of flask-session-captcha prior to 1.2.1, which stems from the fact that the captcha.validate function returns None if no value is passed, a...