CNNVD-202507-708 Information

CNNVD ID

CNNVD-202507-708

CVE-2025-43931

  • CNNVD Published: 2025-07-07

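Description (translated from Chinese)

flask-boilerplate is a boilerplate template for Python Flask applications, open-sourced by Real Python. Version a170e7c of flask-boilerplate contains a security vulnerability that stems from improper configuration of the password reset feature and may lead to account takeover.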

Description (English)

flask-boilerplate is a boilerplate template for Python Flask applications, open-sourced by Real Python. Version a170e7c of flask-boilerplate contains a security vulnerability that stems from improper configuration of the password reset feature and may lead to account takeover.

Hazard Level

Low

Vulnerability Type

Other

Affected Vendor

Real Time Logic

Published

2025-07-07

Last Modified

2026-02-24

References

  • https://github.com/MaxHalford/flask-boilerplate/blob/a170e7cec605906801680567c4279b30ccd9630b/app/views/user.py#L103-L126
  • https://gist.github.com/BrookeYangRui/19fcc6c19df7bb4d8437476c609a6129
  • https://access.redhat.com/security/cve/cve-2025-43931
