logo

Database

Cross-site request forgery In flask-security-too

Description

cross-site request forgery

Mitigation

Update Impact

Minimal update. May introduce new vulnerabilities or breaking changes.

Ecosystem
Package
Affected version
Patched versions

Aliases

1. CVE-2021-212412. NVD-2021-212413. OSV-2021-212414. OSV-DEBIAN-2021-212415. GCVE-2021-212416. SECURITY-TRACKER-CVE-2021-21241

References

1. https://github.com/pypa/advisory-database/tree/main/vulns/flask-security-too/PYSEC-2021-91.yaml2. https://pypi.org/project/Flask-Security-Too3. https://web.archive.org/web/20210118165844/https://github.com/Flask-Middleware/flask-security/releases/tag/3.4.54. https://web.archive.org/web/20210118165958/https://github.com/Flask-Middleware/flask-security/commit/6d50ee9169acf813257c37b75babe9c28e83542a5. https://web.archive.org/web/20210118170445/https://github.com/Flask-Middleware/flask-security/commit/61d313150b5f620d0b800896c4f2199005e84b1f6. https://web.archive.org/web/20210118170502/https://github.com/Flask-Middleware/flask-security/security/advisories/GHSA-hh7m-rx4f-4vpv7. https://web.archive.org/web/20211207005640/https://github.com/Flask-Middleware/flask-security/pull/422

Does your application use this vulnerable software?

During the free trial, our tools assess your application, identify vulnerabilities, and provide recommendations for their remediation.