{
  "vulnerability": "cve-2023-49438",
  "sightings": [
    {
      "uuid": "a1548746-5800-49cb-a03b-2b2b254e47f1",
      "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd",
      "author": "9f56dd64-161d-43a6-b9c3-555944290a09",
      "vulnerability": "CVE-2023-49438",
      "type": "confirmed",
      "source": "https://github.com/projectdiscovery/nuclei-templates/tree/main/http/cves/2023/CVE-2023-49438.yaml",
      "content": "",
      "creation_timestamp": "2026-04-21T17:45:30.000000Z"
    },
    {
      "uuid": "c44efaef-6e04-4bcc-be47-56f4281c4300",
      "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd",
      "author": "9f56dd64-161d-43a6-b9c3-555944290a09",
      "vulnerability": "CVE-2023-49438",
      "type": "seen",
      "source": "https://bsky.app/profile/beikokucyber.bsky.social/post/3mk6vwtkjo52g",
      "content": "",
      "creation_timestamp": "2026-04-23T21:03:10.282469Z"
    },
    {
      "uuid": "3faae824-1488-4122-87ae-f24e94e0fa8a",
      "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd",
      "author": "9f56dd64-161d-43a6-b9c3-555944290a09",
      "vulnerability": "CVE-2023-49438",
      "type": "published-proof-of-concept",
      "source": "https://t.me/GithubRedTeam/6273",
      "content": "GitHub monitoring alert!!! \n\nUpdated: CVE-2023\nDescription: CVE-2023-49438 - Open Redirect Vulnerability in Flask-Security-Too\nURL: https://github.com/brandon-t-elliott/CVE-2023-49438\n\nTags: #CVE-2023",
      "creation_timestamp": "2023-12-22T18:14:40.000000Z"
    },
    {
      "uuid": "47a459e4-c97f-4e52-baba-a4b1d944374a",
      "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd",
      "author": "9f56dd64-161d-43a6-b9c3-555944290a09",
      "vulnerability": "CVE-2023-49438",
      "type": "seen",
      "source": "https://t.me/ctinow/162829",
      "content": "https://ift.tt/LPid1Eh\nCVE-2023-49438 Exploit",
      "creation_timestamp": "2024-01-04T08:16:44.000000Z"
    },
    {
      "uuid": "ae5cd72b-060c-49d8-a148-d0a86d0223d1",
      "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd",
      "author": "9f56dd64-161d-43a6-b9c3-555944290a09",
      "vulnerability": "CVE-2023-49438",
      "type": "seen",
      "source": "https://t.me/ctinow/159475",
      "content": "https://ift.tt/DTdtWYx\nCVE-2023-49438",
      "creation_timestamp": "2023-12-26T23:26:42.000000Z"
    },
    {
      "uuid": "df3b8b85-d348-42b3-a8a0-ee90ff01d7fe",
      "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd",
      "author": "9f56dd64-161d-43a6-b9c3-555944290a09",
      "vulnerability": "CVE-2023-49438",
      "type": "published-proof-of-concept",
      "source": "https://t.me/CyberSecurityTechnologies/9643",
      "content": "#exploit\n1. CVE-2023-49438:\nOpen Redirect Vulnerability in Flask-Security-Too\nhttps://github.com/brandon-t-elliott/CVE-2023-49438\n\n2. CVE-2021-44026:\nSQL injection in Roundcube\nhttps://github.com/pentesttoolscom/roundcube-cve-2021-44026",
      "creation_timestamp": "2024-11-12T02:01:20.000000Z"
    },
    {
      "uuid": "bb541946-6ef7-490b-9c7c-5422f46fca5f",
      "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd",
      "author": "9f56dd64-161d-43a6-b9c3-555944290a09",
      "vulnerability": "CVE-2023-49438",
      "type": "seen",
      "source": "https://gist.github.com/alon710/31eb26fe10a0715b39c427020e06d517",
      "content": "# GHSA-W2J7-F3C6-G8CW: GHSA-w2j7-f3c6-g8cw: Open Redirect Bypass via Parser Differential in Flask-Security\n\n> **CVSS Score:** 4.7\n> **Published:** 2026-06-23\n> **Full Report:** https://cvereports.com/reports/GHSA-W2J7-F3C6-G8CW\n\n## Summary\nAn open redirect vulnerability exists in Flask-Security versions up to and including 5.8.0. This flaw allows remote, unauthenticated attackers to perform open redirects by exploiting a parser differential between Python's standard library urlsplit() function and modern web browsers when subdomain redirection is allowed.\n\n## TL;DR\nA parser differential between Python's urlsplit() and web browsers allows attackers to bypass subdomain redirect validation in Flask-Security using backslash-based host strings, leading to open redirect attacks.\n\n## Exploit Status: POC\n\n## Technical Details\n\n- **CWE ID**: CWE-601\n- **Attack Vector**: Network (AV:N)\n- **CVSS Score**: 4.7 (Medium)\n- **EPSS Score**: N/A\n- **Impact**: Open Redirect\n- **Exploit Status**: Proof-of-Concept\n- **KEV Status**: Not Listed\n\n## Affected Systems\n\n- Flask-Security with SECURITY_REDIRECT_ALLOW_SUBDOMAINS enabled\n- **Flask-Security**: <= 5.8.0 (Fixed in: `5.8.1`)\n\n## Mitigation\n\n- Upgrade Flask-Security to version 5.8.1 or later\n- Disable subdomain redirects by setting SECURITY_REDIRECT_ALLOW_SUBDOMAINS = False\n- Deploy custom validation middleware to sanitize redirection parameters\n\n**Remediation Steps:**\n1. Verify the current installed version using 'pip show Flask-Security'\n2. Upgrade the package to a fixed version: 'pip install --upgrade Flask-Security>=5.8.1'\n3. Restart the Flask application process to apply the changes\n4. Verify that redirect requests containing backslashes are rejected with an error\n\n## References\n\n- [GitHub Security Advisory GHSA-w2j7-f3c6-g8cw](https://github.com/pallets-eco/flask-security/security/advisories/GHSA-w2j7-f3c6-g8cw)\n- [OSV Vulnerability Database Registry](https://osv.dev/vulnerability/CVE-2023-49438)\n- [National Vulnerability Database (NVD) Analysis for CVE-2023-49438](https://nvd.nist.gov/vuln/detail/CVE-2023-49438)\n- [GitLab Advisory Entry for Flask-Security Open Redirect Class](https://advisories.gitlab.com/pypi/flask-security-too/CVE-2023-49438)\n- [GitHub Advisories Main Entry Portal](https://github.com/advisories/GHSA-W2J7-F3C6-G8CW)\n\n\n---\n*Generated by [CVEReports](https://cvereports.com/reports/GHSA-W2J7-F3C6-G8CW) - Automated Vulnerability Intelligence*",
      "creation_timestamp": "2026-06-24T01:41:39.000000Z"
    },
    {
      "uuid": "0be080d5-36a3-4d77-97fc-4403fcda9d1a",
      "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd",
      "author": "9f56dd64-161d-43a6-b9c3-555944290a09",
      "vulnerability": "CVE-2023-49438",
      "type": "seen",
      "source": "https://gist.github.com/alon710/5069ba47a341c9374d265742c0ed2c0f",
      "content": "# GHSA-W2J7-F3C6-G8CW: GHSA-w2j7-f3c6-g8cw: Open Redirect Bypass via Parser Differential in Flask-Security\n\n> **CVSS Score:** 4.7\n> **Published:** 2026-06-23\n> **Full Report:** https://cvereports.com/reports/GHSA-W2J7-F3C6-G8CW\n\n## Summary\nAn open redirect vulnerability exists in Flask-Security versions up to and including 5.8.0. This flaw allows remote, unauthenticated attackers to perform open redirects by exploiting a parser differential between Python's standard library urlsplit() function and modern web browsers when subdomain redirection is allowed.\n\n## TL;DR\nA parser differential between Python's urlsplit() and web browsers allows attackers to bypass subdomain redirect validation in Flask-Security using backslash-based host strings, leading to open redirect attacks.\n\n## Exploit Status: POC\n\n## Technical Details\n\n- **CWE ID**: CWE-601\n- **Attack Vector**: Network (AV:N)\n- **CVSS Score**: 4.7 (Medium)\n- **EPSS Score**: N/A\n- **Impact**: Open Redirect\n- **Exploit Status**: Proof-of-Concept\n- **KEV Status**: Not Listed\n\n## Affected Systems\n\n- Flask-Security with SECURITY_REDIRECT_ALLOW_SUBDOMAINS enabled\n- **Flask-Security**: <= 5.8.0 (Fixed in: `5.8.1`)\n\n## Mitigation\n\n- Upgrade Flask-Security to version 5.8.1 or later\n- Disable subdomain redirects by setting SECURITY_REDIRECT_ALLOW_SUBDOMAINS = False\n- Deploy custom validation middleware to sanitize redirection parameters\n\n**Remediation Steps:**\n1. Verify the current installed version using 'pip show Flask-Security'\n2. Upgrade the package to a fixed version: 'pip install --upgrade Flask-Security>=5.8.1'\n3. Restart the Flask application process to apply the changes\n4. Verify that redirect requests containing backslashes are rejected with an error\n\n## References\n\n- [GitHub Security Advisory GHSA-w2j7-f3c6-g8cw](https://github.com/pallets-eco/flask-security/security/advisories/GHSA-w2j7-f3c6-g8cw)\n- [OSV Vulnerability Database Registry](https://osv.dev/vulnerability/CVE-2023-49438)\n- [National Vulnerability Database (NVD) Analysis for CVE-2023-49438](https://nvd.nist.gov/vuln/detail/CVE-2023-49438)\n- [GitLab Advisory Entry for Flask-Security Open Redirect Class](https://advisories.gitlab.com/pypi/flask-security-too/CVE-2023-49438)\n- [GitHub Advisories Main Entry Portal](https://github.com/advisories/GHSA-W2J7-F3C6-G8CW)\n\n\n---\n*Generated by [CVEReports](https://cvereports.com/reports/GHSA-W2J7-F3C6-G8CW) - Automated Vulnerability Intelligence*",
      "creation_timestamp": "2026-06-24T01:52:32.000000Z"
    }
  ]
}
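The gist sightings above describe an open redirect caused by a parser differential: Python's urlsplit() keeps a backslash inside the host, while browsers following the WHATWG URL rules treat a backslash in an http(s) authority as a path separator, so a subdomain check that trusts urlsplit() can accept a target that a browser sends elsewhere. The Python below is an added example appended after the sighting record; it is not code from Flask-Security, from the quoted gist, or from the PoC repositories the sightings link to. It places a deliberately naive urlsplit()-based subdomain check beside a hardened one and models the browser side with a simplified backslash-to-slash rewrite rather than a full WHATWG parser. TRUSTED_HOST, the function names and the sample redirect targets are constructed for illustration.

```python
from urllib.parse import urlsplit

# Constructed placeholder for the application's own host (assumption, not a real site).
TRUSTED_HOST = "app.example"


def naive_subdomain_check(target: str, host: str = TRUSTED_HOST) -> bool:
    """Illustrative reconstruction of a subdomain-aware redirect check that
    trusts urlsplit() alone. urlsplit() only ends the netloc at '/', '?' or '#',
    so a backslash stays inside .hostname and the suffix test still passes."""
    parts = urlsplit(target)
    if not parts.netloc:
        # No authority component: treated as a same-site relative path.
        return True
    h = (parts.hostname or "").lower()
    return h == host.lower() or h.endswith("." + host.lower())


def browser_hostname(target: str, base_host: str = TRUSTED_HOST) -> str:
    """Approximate which host a WHATWG-conformant browser would navigate to.
    Simplified model (assumption): for special schemes such as http/https a
    backslash is treated exactly like a forward slash, so it terminates the
    authority. Authority-less targets resolve against the current origin."""
    normalized = target.replace("\\", "/")
    parts = urlsplit(normalized)
    if parts.netloc:
        return (parts.hostname or "").lower()
    return base_host.lower()


def hardened_subdomain_check(target: str, host: str = TRUSTED_HOST,
                             allow_subdomains: bool = True) -> bool:
    """Redirect validation that refuses any input the two parsers could read
    differently, then applies the same host/subdomain rule as the naive check."""
    # Backslashes, control characters and whitespace are exactly the bytes
    # browsers normalize or strip; reject them instead of reasoning about them.
    if any(c == "\\" or ord(c) < 0x21 for c in target):
        return False
    parts = urlsplit(target)
    if parts.scheme and parts.scheme.lower() not in ("http", "https"):
        return False
    if not parts.netloc:
        # Allow only a plain absolute path; "//host" is scheme-relative and
        # would leave the site even though urlsplit() reports no scheme.
        return target.startswith("/") and not target.startswith("//")
    h = (parts.hostname or "").lower()
    if h == host.lower():
        return True
    return allow_subdomains and h.endswith("." + host.lower())


def differential(target: str) -> dict:
    """Summarize how one target fares under each check and where a browser goes."""
    return {
        "naive_allows": naive_subdomain_check(target),
        "browser_host": browser_hostname(target),
        "hardened_allows": hardened_subdomain_check(target),
    }


if __name__ == "__main__":
    # Constructed sample targets: two backslash bypasses, two legitimate
    # redirects, and two plainly external hosts.
    samples = [
        "https://evil.example\\.app.example/",   # host suffix looks trusted to urlsplit()
        "/\\evil.example",                        # looks path-relative to urlsplit()
        "https://login.app.example/dash",
        "/dashboard",
        "https://evil.example/",
        "//evil.example/",
    ]
    for t in samples:
        d = differential(t)
        print(f"{t!r:45} naive={d['naive_allows']!s:5} "
              f"browser->{d['browser_host']:22} hardened={d['hardened_allows']}")
```

The two bypass rows are the parser differential in one line each: the naive check answers True because urlsplit() reports a hostname ending in ".app.example" (or no hostname at all), while the browser model resolves the same string to evil.example. The hardened check does not try to out-parse the browser; it rejects the characters on which parsers are known to disagree and then treats "//host" as external, which is the same outcome the remediation step in the quoted report asks you to verify after upgrading.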