CNNVD-202508-2207 Information
Aug 19, 2025
cve
CNNVD ID
CNNVD-202508-2207
Related CVE
- CNNVD Published: 2025-08-19
Description (Chinese)
FlaskBlog是Doğukan Ürker个人开发者的一个使用 Flask 构建的简单博客应用程序。 FlaskBlog 2.8.0及之前版本存在安全漏洞,该漏洞源于未检查用户角色,可能导致绕过访问控制。
Description (English)
FluskBlog is a simple blog application by Doğukan Ürker’s personal developer using the Flash. There is a security loophole in FluskBlog 2.8.0 and earlier versions, which stems from the failure to check user roles and may lead to bypassing access controls.
Hazard Level
High
Vulnerability Type
其他
Affected Vendor
个人开发者
Published
2025-08-19
Last Modified
2026-02-24
References
https://github.com/DogukanUrker/FlaskBlog/security/advisories/GHSA-h239-vv39-v3vx https://github.com/DogukanUrker/FlaskBlog/security/advisories/GHSA-jw79-2xvp-76p8 https://nvd.nist.gov/vuln/detail/CVE-2025-55734 https://access.redhat.com/security/cve/cve-2025-55734
Patch
https://github.com/DogukanUrker/FlaskBlog/releases
Share on: