CVE-2016-1000001

EUVD-2016-0010
flask-oidc version 0.1.2 and earlier is vulnerable to an open redirect
Open Redirect
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
7.4 HIGH
NETWORK
LOW
NONE
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:H/A:N
Base Score
CVSS 3.x
EPSS Score
Percentile: 38%
Affected Products (NVD)
VendorProductVersion
flask-oidc_projectflask-oidc
𝑥
≤ 0.1.2
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://github.com/puiterwijk/flask-oidc/blob/master/flask_oidc/__init__.py#L293
https://github.com/puiterwijk/flask-oidc/blob/master/flask_oidc/__init__.py#L293