Security Advisory

CVE-2021-29621

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2021-06-07 19:00:12

Last updated 2024-08-03 22:11:06

Assigner GitHub_M

State PUBLISHED

Description

Flask-AppBuilder is a development framework, built on top of Flask. User enumeration in database authentication in Flask-AppBuilder <= 3.2.3. Allows for a non authenticated user to enumerate existing accounts by timing the response time from the server when you are logging in. Upgrade to version 3.3.0 or higher to resolve.

← Browse all CVEs View on cve.org ↗