AVG-1434 log
Package | python-flask-security-too |
Status | Fixed |
Severity | High |
Type | cross-site request forgery |
Affected | 3.3.3-3 |
Fixed | 4.0.1-1 |
Current |
5.5.2-1 [extra-testing] 5.4.3-4 [extra] |
Ticket | FS#70041 |
Created | Mon Jan 11 22:40:11 2021 |
Issue | Severity | Remote | Type | Description |
---|---|---|---|---|
CVE-2021-21241 | High | Yes | Cross-site request forgery | In Flask-Security-Too from version 3.3.0 and before version 3.4.5, the /login and /change endpoints can return the authenticated user's authentication token... |
Date | Advisory | Package | Type |
---|---|---|---|
19 May 2021 | ASA-202105-2 | python-flask-security-too | cross-site request forgery |