Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Flask-AppBuilder login form allows browser to cache sensitive fields
Vulnerability Description
Flask-AppBuilder is an application development framework. Prior to version 4.5.1, the auth DB login form default cache directives allows browser to locally store sensitive data. This can be an issue on environments using shared computer resources. Version 4.5.1 contains a patch for this issue. If upgrading is not possible, configure one's web server to send the specific HTTP headers for `/login` per the directions provided in the GitHub Security Advisory.
CVSS Information
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:L/I:N/A:N
Vulnerability Type
通过浏览器缓存导致的信息暴露
Vulnerability Title
Flask App Builder 安全漏洞
Vulnerability Description
Flask App Builder是Daniel Vaz Gaspar个人开发者的一个简单快速的应用程序开发框架。 Flask App Builder 4.5.1之前版本存在安全漏洞,该漏洞源于允许浏览器在本地存储敏感数据。
CVSS Information
N/A
Vulnerability Type
N/A