Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Observable Response Discrepancy in flask-appbuilder
Vulnerability Description
Flask-AppBuilder is an application development framework. Prior to 4.5.3, Flask-AppBuilder allows unauthenticated users to enumerate existing usernames by timing the response time from the server when brute forcing requests to login. This vulnerability is fixed in 4.5.3.
CVSS Information
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
Vulnerability Type
响应差异性信息暴露
Vulnerability Title
Flask App Builder 安全漏洞
Vulnerability Description
Flask App Builder是Daniel Vaz Gaspar个人开发者的一个简单快速的应用程序开发框架。 Flask App Builder 4.5.3之前版本存在安全漏洞,该漏洞源于未经验证的用户可以枚举现有用户名。
CVSS Information
N/A
Vulnerability Type
N/A