AVG-1965 - python-flask-security-too - Arch Linux
AVG-1965 log
| Package | python-flask-security-too |
| Status | Vulnerable |
| Severity | Low |
| Type | open redirect |
| Affected | 4.0.1-2 |
| Fixed | Unknown |
| Current | 4.0.1-2 [community] |
| Ticket | Create |
| Created | Tue May 18 06:54:00 2021 |
| Issue | Severity | Remote | Type | Description |
|---|---|---|---|---|
| CVE-2021-32618 | Low | Yes | Open redirect | All versions of Flask-Security-Too allow redirects after many successful views (e.g. /login) by honoring the ?next query param. There is code in FS to... |