Skip to content

Underground News

Header Image
Category

LOW

1 Post

Featured

Posted byGitHub
[Flask-AppBuilder] Flask-AppBuilder before v4.1.3 allows inference of sensitive information through query strings

[Flask-AppBuilder] Flask-AppBuilder before v4.1.3 allows inference of sensitive information through query strings

  • Posted inLOW
  • Posted byGitHub
  • 07/30/202208/11/2022

Impact
An authenticated Admin user could craft HTTP requests to filter users by their salted and hashed passwords strings. These filters could be made by using partial hashed password strings. The response would not include the hashed passwords, but an…

Underground News
WordPress theme by componentz

Archives

2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30
Hit enter to search or ESC to close