CVE-2020-18701

PYSEC-2021-341 · CVE-2020-18701

Published Aug 16, 2021 · Modified Oct 9, 2025

Description

Incorrect Access Control in Lin-CMS-Flask v0.1.1 allows remote attackers to obtain sensitive information and/or gain privileges due to the application not invalidating a user's authentication token upon logout, which allows for replaying packets.

References

REPORT https://github.com/TaleLin/lin-cms-flask/issues/30

Ready to move

Start Securing

Start for Free Get Demo

Free, no credit card | First findings in minutes