PYSEC-2021-341

See a problem?

Import Source

https://github.com/pypa/advisory-database/blob/main/vulns/lin-cms/PYSEC-2021-341.yaml

JSON Data

https://api.osv.dev/v1/vulns/PYSEC-2021-341

Aliases

CVE-2020-18701

Published

2021-08-16T18:15:00Z

Modified

2025-10-09T07:55:08.337963Z

Summary

[none]

Details

Incorrect Access Control in Lin-CMS-Flask v0.1.1 allows remote attackers to obtain sensitive information and/or gain privileges due to the application not invalidating a user's authentication token upon logout, which allows for replaying packets.

References

https://github.com/TaleLin/lin-cms-flask/issues/30

Affected packages

PyPI / lin-cms

Package

Name: lin-cms; View open source insights on deps.dev
Purl: pkg:pypi/lin-cms

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Affected versions

0.*

0.1.1a1

0.1.1a2

0.1.1a3

0.1.1a4

0.1.1a5

0.1.1a6

0.1.1a7

0.1.1a8

0.1.1b1

0.1.1b2

0.1.1b3

0.1.1b4

0.2.0b1

0.2.0b2

0.2.0b3

0.3.0a2

0.3.0a3

0.3.0a4

0.3.0a5

0.3.0a6

0.3.0a7

0.3.0a8

0.3.0a9

0.3.0a10

0.3.1

0.4.0

0.4.2

0.4.3

0.4.4

0.4.5

0.4.6

0.4.7

0.4.8

0.4.9

0.4.10

0.4.11

Database specific

source

"https://github.com/pypa/advisory-database/blob/main/vulns/lin-cms/PYSEC-2021-341.yaml"