Impact A Cross-Site Scripting (XSS) vulnerability has been discovered on the OAuth login page. An attacker could trick a user to follow a specially crafted URL to the OAuth login page. This URL could inject and execute malicious javascript code that would get executed on the user's browser. Impacted versions: Flask-AppBuilder version 4.1.4 up to and including 4.2.0 Patches This issue was introduced on 4.1.4 and patched on 4.2.1, user's should upgrade to 4.2.1 or newer…Read More
Flask-AppBuilder’s OAuth login page subject to Cross Site Scripting (XSS)
