CVE-2023-49438 Information

Dec 27, 2023 cve

Description

An open redirect vulnerability in the python package Flask-Security-Too <=5.3.2 allows attackers to redirect unsuspecting users to malicious sites via a crafted URL by abusing the ?next parameter on the /login and /register routes.

Reference

https://github.com/Flask-Middleware/flask-security https://github.com/brandon-t-elliott/CVE-2023-49438

Share on: