Dpgaspar

**Name of the Vulnerable Software and Affected Versions** Flask-AppBuilder versions prior to 4.5.1 **Description** The auth DB login form default cache directives in Flask-AppBuilder allow browsers to locally store sensitive data. This can be an issue in environments using shared computer resources. **Recommendations** For versions prior to 4.5.1, upgrade to version 4.5.1 to resolve the issue. If upgrading is not possible, configure your web server to send the specific HTTP headers for "/login", including "Cache-Control": "no-store, no-cache, must-revalidate, max-age=0", "Pragma": "no-cache", and "Expires": "0".

**Name of the Vulnerable Software and Affected Versions** Flask-AppBuilder versions prior to 4.3.0 **Description** The issue is related to the lack of rate limiting, which can allow an attacker to brute-force user credentials. This can be exploited by attackers to gain unauthorized access. The estimated number of potentially affected devices worldwide is not specified. **Recommendations** For versions prior to 4.3.0, update to version 4.3.0 or later and enable rate limiting by setting `AUTH RATE LIMITED = True`, `RATELIMIT ENABLED = True`, and configuring an `AUTH RATE LIMIT`. As a temporary workaround, consider implementing rate limiting using a reverse proxy or other strategies.

**Name of the Vulnerable Software and Affected Versions** Flask-AppBuilder versions prior to 3.4.5 **Description** Flask-AppBuilder contains an open redirect vulnerability when using the database authentication login page. This issue is fixed in version 3.4.5. There are currently no known workarounds. **Recommendations** For versions prior to 3.4.5, upgrade to version 3.4.5 or later to resolve the issue. As a temporary workaround, consider restricting access to the database authentication login page until the upgrade is applied.

**Name of the Vulnerable Software and Affected Versions** Flask-AppBuilder versions prior to 3.3.4 **Description** The issue is related to improper authentication in the REST API, allowing a malicious actor with a carefully crafted request to successfully authenticate and gain access to existing protected REST API endpoints. This only affects non-database authentication types and new REST API endpoints. **Recommendations** For versions prior to 3.3.4, upgrade to Flask-AppBuilder 3.3.4 to receive a patch. As a temporary workaround, consider restricting access to new REST API endpoints until the issue is resolved.

**Name of the Vulnerable Software and Affected Versions** Flask-AppBuilder versions prior to 3.2.2 **Description** The issue is an open redirect vulnerability that occurs when using Flask-AppBuilder OAuth. An attacker can share a carefully crafted URL with a trusted domain for an application built with Flask-AppBuilder, which can redirect a user to a malicious site. **Recommendations** To resolve this issue, upgrade to Flask-AppBuilder 3.2.2 or above. If upgrading is infeasible, filter HTTP traffic containing `?next={next-site}` where the `next-site` domain is different from the application you are protecting as a workaround.