Improper authentication on the REST API. Allows for a malicious actor with a carefully crafted request to successfully authenticate and gain access to existing protected REST API endpoints. Only affects non database authentication types, and new REST API endpoints.
Upgrade to Flask-AppBuilder 3.3.4
If you have any questions or comments about this advisory: * Open an issue in https://github.com/dpgaspar/Flask-AppBuilder
{ "nvd_published_at": "2021-12-09T17:15:00Z", "cwe_ids": [ "CWE-287" ], "severity": "HIGH", "github_reviewed": true, "github_reviewed_at": "2021-12-09T18:14:23Z" }