Security Advisory

CVE-2025-24023

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2025-03-03 15:25:55

Last updated 2025-03-03 18:41:23

Assigner GitHub_M

State PUBLISHED

Description

Flask-AppBuilder is an application development framework. Prior to 4.5.3, Flask-AppBuilder allows unauthenticated users to enumerate existing usernames by timing the response time from the server when brute forcing requests to login. This vulnerability is fixed in 4.5.3.

← Browse all CVEs View on cve.org ↗