CVE-2023-30861
Flask vulnerability CVE-2023-30861 arises when a responsive cached by a proxy may include data for one client and serve it to others, potentially leaking a session cookie. Root cause: Flask previously only set the Vary: Cookie header when the session was accessed or modified, not when it was refr...