Описание
NiceGUI On Air authentication issue
Summary
Once a user logins to one browser, all other browsers are logged in without entering password. Even incognito mode.
Impact
high
Пакеты
Наименование
nicegui
pip
Затронутые версииВерсия исправления
<= 2.9.0
2.9.1
Связанные уязвимости
CVSS3: 7.5
nvd
около 1 года назад
NiceGUI is an easy-to-use, Python-based UI framework. Prior to 2.9.1, authenticating with NiceGUI logged in the user for all browsers, including browsers in incognito mode. This vulnerability is fixed in 2.9.1.