Lucene search
GoogleOSV:CVE-2023-49438HistoryDec 26, 2023 - 10:15 p.m.
CVE-2023-49438
2023-12-2622:15:13
Google
osv.dev
6
flask
security
open redirect
CVSS3
6.1
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
EPSS
0.001
Percentile
26.8%
An open redirect vulnerability in the python package Flask-Security-Too <=5.3.2 allows attackers to redirect unsuspecting users to malicious sites via a crafted URL by abusing the ?next parameter on the /login and /register routes.
Related
veracode
veracode
Open Redirect
2023-12-28 11:14:23
nessus
nessus
Fedora 39 : python-flask-security-too (2024-f34963bef8)
2024-01-13 00:00:00
osv
osv
PYSEC-2023-248
2023-12-26 22:15:00
Open redirect vulnerability in Flask-Security-Too
2023-12-27 00:30:25
cvelist
cvelist
CVE-2023-49438
2023-12-26 00:00:00
prion
prion
Open redirect
2023-12-26 22:15:00
openvas
openvas
Fedora: Security Advisory (FEDORA-2024-f34963bef8)
2024-01-18 00:00:00
cve
cve
CVE-2023-49438
2023-12-26 22:15:13
redos
redos
ROS-20240408-17
2024-04-08 00:00:00
fedora
fedora
[SECURITY] Fedora 39 Update: python-flask-security-too-5.1.2-3.fc39
2024-01-14 01:00:07
github
github
Open redirect vulnerability in Flask-Security-Too
2023-12-27 00:30:25
nvd
nvd
CVE-2023-49438
2023-12-26 22:15:13
gitlab
gitlab
Open redirect vulnerability in Flask-Security-Too
2023-12-27 00:00:00
CVSS3
6.1
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
EPSS
0.001
Percentile
26.8%
Related for OSV:CVE-2023-49438