CNNVD-202508-2217 Information

CNNVD ID

CNNVD-202508-2217

Related CVE

CVE-2025-55737

• CNNVD Published: 2025-08-19

Description (Chinese)

FlaskBlog是Doğukan Ürker个人开发者的一个使用 Flask 构建的简单博客应用程序。 FlaskBlog 2.8.0及之前版本存在安全漏洞，该漏洞源于未验证评论所有权可能导致任意删除评论。

Description (English)

FluskBlog is a simple blog application by Doğukan Ürker’s personal developer using the Flash. There is a security loophole in FluskBlog 2.8.0 and earlier versions, which stems from the fact that failure to validate the right to comment may lead to the arbitrary deletion of comments.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

个人开发者

Published

2025-08-19

Last Modified

2026-02-24

References

https://github.com/DogukanUrker/FlaskBlog/security/advisories/GHSA-6hp9-jv2f-88wr https://nvd.nist.gov/vuln/detail/CVE-2025-55737 https://access.redhat.com/security/cve/cve-2025-55737

Patch

https://github.com/DogukanUrker/FlaskBlog/releases