First published: Thu Mar 24 2022(Updated: )
Flask-AppBuilder is an application development framework, built on top of the Flask web framework. Flask-AppBuilder contains an open redirect vulnerability when using database authentication login page on versions below 3.4.5. This issue is fixed in version 3.4.5. There are currently no known workarounds.
Credit: security-advisories@github.com
Affected Software | Affected Version | How to fix |
---|---|---|
Flask-appbuilder Project Flask-appbuilder | <3.4.5 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2022-24776 is an open redirect vulnerability in Flask-AppBuilder versions before 3.4.5.
Flask-AppBuilder is an application development framework built on top of the Flask web framework.
Flask-AppBuilder versions before 3.4.5 are affected by the open redirect vulnerability identified as CVE-2022-24776.
The severity of CVE-2022-24776 is medium, with a CVSS score of 6.1.
To fix the open redirect vulnerability, ensure that you are using Flask-AppBuilder version 3.4.5 or later.