CVE-2025-43931
Vulnerability Description
flask-boilerplate through a170e7c allows account takeover via the password reset feature because SERVER_NAME is not configured and thus a reset depends on the Host HTTP header.
Vulnerability Details
Published Date
Last Modified
Source
NVD
Discussion (0)
Add Comment
No comments yet. Be the first!