flask_session_captcha has insecure return value. The vulnerability exists in validate
function in __init__.py
because it returns None instead of False if no value passed which allows an attacker to bypass the checks.
github.com/Tethik/flask-session-captcha/commit/2811ae23a38d33b620fb7a07de8837c6d65c13e4
github.com/Tethik/flask-session-captcha/commit/a65c5a4ff37f0c6f17a220f6819199618bdd0743
github.com/Tethik/flask-session-captcha/pull/27
github.com/Tethik/flask-session-captcha/releases/tag/v1.2.1
github.com/Tethik/flask-session-captcha/security/advisories/GHSA-7r87-cj48-wj45