exploitDog - Комплексное решение для обнаружения, оценки и устранения уязвимостей.

БДУ ФСТЭК

Microsoft MSRC

NVD

Oracle ELSA

Red Hat CVE

РЕД ОС

Rocky RLSA

SUSE CVRF

Ubuntu

Debian

Github

Количество 4

CVE-2024-27083

почти 2 года назад

Flask-AppBuilder is an application development framework, built on top of Flask. A Cross-Site Scripting (XSS) vulnerability has been discovered on the OAuth login page. An attacker could trick a user to follow a specially crafted URL to the OAuth login page. This URL could inject and execute malicious javascript code that would get executed on the user's browser. This issue was introduced on 4.1.4 and patched on 4.2.1.

CVSS3: 4.3

EPSS: Низкий

CVE-2024-27083

почти 2 года назад

Flask-AppBuilder is an application development framework, built on top of Flask. A Cross-Site Scripting (XSS) vulnerability has been discovered on the OAuth login page. An attacker could trick a user to follow a specially crafted URL to the OAuth login page. This URL could inject and execute malicious javascript code that would get executed on the user's browser. This issue was introduced on 4.1.4 and patched on 4.2.1.

CVSS3: 4.3

EPSS: Низкий

CVE-2024-27083

почти 2 года назад

Flask-AppBuilder is an application development framework, built on top ...

CVSS3: 4.3

EPSS: Низкий

GHSA-fqxj-46wg-9v84

почти 2 года назад

Flask-AppBuilder's OAuth login page subject to Cross Site Scripting (XSS)

CVSS3: 4.3

EPSS: Низкий

Уязвимостей на страницу

Уязвимость	CVSS	EPSS	Опубликовано
CVE-2024-27083 Flask-AppBuilder is an application development framework, built on top of Flask. A Cross-Site Scripting (XSS) vulnerability has been discovered on the OAuth login page. An attacker could trick a user to follow a specially crafted URL to the OAuth login page. This URL could inject and execute malicious javascript code that would get executed on the user's browser. This issue was introduced on 4.1.4 and patched on 4.2.1.	CVSS3: 4.3	1% Низкий	почти 2 года назад
CVE-2024-27083 Flask-AppBuilder is an application development framework, built on top of Flask. A Cross-Site Scripting (XSS) vulnerability has been discovered on the OAuth login page. An attacker could trick a user to follow a specially crafted URL to the OAuth login page. This URL could inject and execute malicious javascript code that would get executed on the user's browser. This issue was introduced on 4.1.4 and patched on 4.2.1.	CVSS3: 4.3	1% Низкий	почти 2 года назад
CVE-2024-27083 Flask-AppBuilder is an application development framework, built on top ...	CVSS3: 4.3	1% Низкий	почти 2 года назад
GHSA-fqxj-46wg-9v84 Flask-AppBuilder's OAuth login page subject to Cross Site Scripting (XSS)	CVSS3: 4.3	1% Низкий	почти 2 года назад

Уязвимостей на страницу