CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Dpgaspar: >> Flask-Appbuilder >> 4.5.1 Security Vulnerabilities

CVE-2025-24023

Flask-AppBuilder is an application development framework. Prior to 4.5.3, Flask-AppBuilder allows unauthenticated users to enumerate existing usernames by timing the response time from the server when brute forcing requests to login. This vulnerability is fixed in 4.5.3.

CVSS Score

3.7

EPSS Score

0.001

Published

2025-03-03

Page 1

Vulnerabilities

Vulnerable Software

Dpgaspar: >> Flask-Appbuilder >> 4.5.1 Security Vulnerabilities

Products

Pricing

Contact Us