CNNVD-202508-2209 Information

CNNVD ID

CNNVD-202508-2209

Related CVE

CVE-2025-55736

• CNNVD Published: 2025-08-19

Description (Chinese)

FlaskBlog是Doğukan Ürker个人开发者的一个使用 Flask 构建的简单博客应用程序。 FlaskBlog 2.8.0及之前版本存在安全漏洞，该漏洞源于任意用户可能提升为管理员角色。

Description (English)

FluskBlog is a simple blog application by Doğukan Ürker’s personal developer using the Flash. There is a security loophole in FluskBlog 2.8.0 and earlier versions, which stems from the potential for any user to be promoted to the role of administrator.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

个人开发者

Published

2025-08-19

Last Modified

2026-02-24

References

https://github.com/DogukanUrker/FlaskBlog/security/advisories/GHSA-6q83-vfmq-wf72 https://access.redhat.com/security/cve/cve-2025-55736 https://nvd.nist.gov/vuln/detail/CVE-2025-55736

Patch

https://github.com/DogukanUrker/FlaskBlog/releases