python-flask-security-too
Link | package | bugs open | bugs closed | Wiki | GitHub | web search |
Description | Quick and simple security for Flask applications |
Version | 3.3.3-3 [community] |
Open
Group | Affected | Fixed | Severity | Status | Ticket |
---|---|---|---|---|---|
AVG-1434 | 3.3.3-3 | High | Vulnerable | FS#70041 |
Issue | Group | Severity | Remote | Type | Description |
---|---|---|---|---|---|
CVE-2021-21241 | AVG-1434 | High | Yes | Cross-site request forgery | In Flask-Security-Too from version 3.3.0 and before version 3.4.5, the /login and /change endpoints can return the authenticated user's authentication token... |