CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2020-18698

Improper Authentication in Lin-CMS-Flask v0.1.1 allows remote attackers to launch brute force login attempts without restriction via the 'login' function in the component 'app/api/cms/user.py'.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.009

EPSS Ranking 74.8%

CVSS Severity

CVSS v3 Score 9.8

CVSS v2 Score 5.0

References

https://cwe.mitre.org/data/definitions/307.html
https://github.com/TaleLin/lin-cms-flask/issues/27
https://cwe.mitre.org/data/definitions/307.html
https://github.com/TaleLin/lin-cms-flask/issues/27

Products affected by CVE-2020-18698

Talelin » Lin-Cms-Flask » Version: 0.1.1

cpe:2.3:a:talelin:lin-cms-flask:0.1.1

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2020-18698

Products

Pricing

Contact Us