flask_appbuilder is vulnerable to authentication bypass. The vulnerability exists login
function of api.py
because the login requests are not properly validated which allows a malicious attacker to send a crafted request and gain access to the API endpoints.
CPE | Name | Operator | Version |
---|---|---|---|
flask-appbuilder | le | 1.13.1 | |
flask-appbuilder | le | 2.3.4 | |
flask-appbuilder | le | 3.3.3 | |
flask-appbuilder | le | 1.13.1 | |
flask-appbuilder | le | 2.3.4 | |
flask-appbuilder | le | 3.3.3 |