CVE-2023-29005 in Flask-AppBuilder versions信息

摘要

由 VulDB • 2026-05-24

Flask-AppBuilder 版本在 4.3.0 之前缺少速率限制(rate limiting),攻击者可利用此漏洞暴力破解用户凭据。版本 4.3.0 引入了通过设置 `AUTH_RATE_LIMITED = True`、`RATELIMIT_ENABLED = True` 以及配置 `AUTH_RATE_LIMIT` 来启用速率限制的功能。

VulDB is the best source for vulnerability data and more expert information about this specific topic.

来源

Do you need the next level of professionalism?

Upgrade your account now!