CVE-2021-32805

URL Redirection to Untrusted Site (Open Redirect) in pypi/Flask-AppBuilder

Identifiers

CVE-2021-32805, GHSA-624f-cqvr-3qw4

Package Slug

pypi/Flask-AppBuilder

Vulnerability

URL Redirection to Untrusted Site (Open Redirect)

Description

Flask-AppBuilder is an application development framework, built on top of Flask. an attacker can share a carefully crafted URL with a trusted domain for an application built with Flask-AppBuilder, this URL can redirect a user to a malicious site. This is an open redirect vulnerability. To resolve this issue upgrade to Flask-AppBuilder or above.

Affected Versions

All versions before 3.3.2

Solution

Upgrade to version 3.3.2 or above.

Last Modified

2021-09-16

source