Improper Authentication
An authentication bypass in Lin-CMS v0.2.1 allows attackers to escalate privileges to Super Administrator.
Advisories for Pypi/Lin-CMS package
2022
Lin-CMS-Flask vulnerable to Improper Authentication
Improper Authentication in Lin-CMS-Flask v0.1.1 allows remote attackers to launch brute force login attempts without restriction via the 'login' function in the component app/api/cms/user.py.
Lin-CMS-Flask Cross Site Scripting (XSS) vulnerability
Cross Site Scripting (XSS) in Lin-CMS-Flask v0.1.1 allows remote attackers to execute arbitrary code by entering scripts in the the 'Username' parameter of the in component 'app/api/cms/user.py'.